
Re: Security between server and client nodes.

On 11/30/2011 08:01 AM, Jayavant Patil wrote:


I have two users ldap_6 and ldap_7. I want to restrict a user to see his own data only.
     In slapd.conf, I specified the rule as follows:
           access to *
              by self write
              by * none

     But ldap_6 can see the ldap_7 user entries (or vice versa) with
$ ldapsearch -x -v -D "cn=root,dc=abc,dc=com" -b "ou=People,dc=abc,dc=com" "uid=ldap_7"

   Any suggestions?

The above search is done as cn=root, not uid=ldap_6.

If cn=root is your rootdn, it can see everything.
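
The point made in the reply, as an added example that is not part of the original thread and is not OpenLDAP code: a simplified Python model of how slapd picks an access level for the rule quoted above, with the rootdn skipping the ACL entirely. The user DNs (uid=ldap_6 and uid=ldap_7 under ou=People,dc=abc,dc=com) and all function names are assumptions made for the illustration.

```python
# Simplified model of slapd access control (illustration only, not OpenLDAP code).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

ROOTDN = "cn=root,dc=abc,dc=com"      # bind DN used in the ldapsearch from the post
BASE = "ou=People,dc=abc,dc=com"      # search base from the post
U6 = "uid=ldap_6," + BASE             # assumed DN of user ldap_6
U7 = "uid=ldap_7," + BASE             # assumed DN of user ldap_7

# The rule from the post: access to * by self write by * none
ACL = [("*", [("self", "write"), ("*", "none")])]


def norm(dn):
    """Crude DN normalisation: lowercase and strip spaces around each RDN."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def granted_level(bind_dn, target_dn, acl=ACL, rootdn=ROOTDN):
    """Return the access level this model grants bind_dn on target_dn."""
    bind_dn, target_dn = norm(bind_dn), norm(target_dn)
    # The rootdn is not subject to access control, so the ACL is never consulted.
    # Modelled here as the highest level.
    if bind_dn == norm(rootdn):
        return "manage"
    for what, by_clauses in acl:
        if what != "*" and norm(what) != target_dn:
            continue
        # Within the first matching "access to" clause, the first matching
        # <who> decides and evaluation stops.
        for who, level in by_clauses:
            if who == "*" or (who == "self" and bind_dn and bind_dn == target_dn):
                return level
        return "none"   # implicit "by * none" at the end of a clause
    return "none"       # implicit "access to * by * none" at the end of the list


def can_read(bind_dn, target_dn):
    """True if the granted level is at least 'read'."""
    return LEVELS.index(granted_level(bind_dn, target_dn)) >= LEVELS.index("read")


if __name__ == "__main__":
    for who in (U6, ROOTDN, ""):      # "" stands for an anonymous bind
        print(repr(who), "->", granted_level(who, U7), "on", U7)
```

In this model ldap_6 gets "none" on ldap_7's entry while cn=root gets full access, which is why the search in the post returned the entry. The anonymous case also gets "none", so with the rule exactly as posted a simple bind as a regular user would have no auth access to userPassword; rules of this kind usually include a `by anonymous auth` clause for that reason.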