[Date Prev][Date Next]
Re: OpenLDAP permissions question
I have been trying to understand configuration OpenLDAP for a while.
It is a challenge for me. Even people on this list, who know OpenLDAP
[unlike your's truly] are at times contradicting one another. As we
see from this thread, there are others confused about access
If not for your and others' help, I would not even understand as much.
Seems to me that not many know how to write ACLs for OpenLDAP. This is
obviously moot. I just need to figure out what can done, this time. I
am not an administrator. If I can get my program, utilizing OpenLDAP
as a backend, to work, I will be happy enough. :)
Of course, unless someone suggests something that works, I have no
choice but analyze every example out there, at least for a bit longer.
I figure that if nothing comes through by Sunday, it should consider
throwing backend away and switching to a different architecture.
Obviously OpenLDAP works well, but if I am not smart enough to get it
to work as needed, it is not much good to me.
On Friday, March 20, 2015, Michael Ströder <firstname.lastname@example.org> wrote:
> Igor Shmukler wrote:
>> If there is no way to grant access to all records across all databases
>> to cn=config [because it is not a user], I would go for having a
>> [different] user who can delete records in multiple DITs[, by invoking
>> LDAPI or whatever].
> You should really analyze this example configuration:
> Ciao, Michael.