
slapacl



I believe I have it working in 2.1.

However, I have ACLs that use the filter= option, but since the "-b DN"
doesn't actually retrieve the specified DN, I don't see how it can give
a correct answer to questions regarding the attributes covered by those
ACLs.

Since I don't have the CVS version of 2.2 built anywhere, would someone
that does be willing to take the attached config file, run the following
command and let me know the output?

slapacl -f ./slapd.conf-acl -b 'uid=joe,dc=example,dc=com' carLicense

Thanks,
-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
        === God bless all inhabitants of your planet ===
include		/etc/openldap/schema/core.schema
include		/etc/openldap/schema/cosine.schema
include		/etc/openldap/schema/inetorgperson.schema
include		/etc/openldap/schema/misc.schema

#
# Access Control 
#
access to attrs=userPassword
	by dn="cn=Replicant,dc=example,dc=com" write
	by self read
	by ssf=112 anonymous auth
	by * none

access to filter=(employeeType=Manager)
	attrs=homePhone,homePostalAddress,carLicense
	by dn="cn=Replicant,dc=example,dc=com" write
	by users read
	by * none

access to filter=(!(employeeType=Manager))
	attrs=homePhone,homePostalAddress,carLicense
	by dn="cn=Replicant,dc=example,dc=com" write
	by * none

# Everything else is always public and self modifiable
access to *
	by dn="cn=Replicant,dc=example,dc=com" write
	by self write
	by * read

# Default search base
defaultsearchbase dc=example,dc=com

#######################################################################
# bdb database definitions
#######################################################################
database        bdb
suffix		"dc=example,dc=com"
rootdn		"cn=Manager,dc=example,dc=com"
directory	/var/lib/ldap
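
The concern raised in the message, as an added example that is not part of the original post and is not OpenLDAP code: a simplified Python model of first-match ACL evaluation over the three relevant clauses of the attached config. It assumes that a DN-only check sees an entry with no attributes; the stored entry and the requester uid=ann are constructed for illustration.

```python
# Simplified model of first-match ACL evaluation (added example, not OpenLDAP
# code). Filters are Python callables over an entry dict; attribute names are
# compared case-sensitively here for brevity.

def is_manager(entry):
    return "Manager" in entry.get("employeeType", [])

PRIVATE = {"homePhone", "homePostalAddress", "carLicense"}
REPLICANT = "cn=Replicant,dc=example,dc=com"

# (filter, attrs or None for all, [(who, level), ...]) in config order.
# The userPassword clause is omitted: it never matches carLicense.
ACLS = [
    (is_manager, PRIVATE, [(REPLICANT, "write"), ("users", "read"), ("*", "none")]),
    (lambda e: not is_manager(e), PRIVATE, [(REPLICANT, "write"), ("*", "none")]),
    (lambda e: True, None, [(REPLICANT, "write"), ("self", "write"), ("*", "read")]),
]

def who_matches(who, requester, target_dn):
    if who == "*":
        return True
    if who == "users":
        return requester is not None      # any authenticated identity
    if who == "self":
        return requester is not None and requester.lower() == target_dn.lower()
    return requester is not None and requester.lower() == who.lower()

def access(entry, target_dn, attr, requester):
    """Return the level granted by the first matching clause and by-term."""
    for flt, attrs, by_terms in ACLS:
        if attrs is not None and attr not in attrs:
            continue
        if not flt(entry):
            continue
        for who, level in by_terms:
            if who_matches(who, requester, target_dn):
                return level
        return "none"                     # implicit trailing "by * none"
    return "none"

JOE = "uid=joe,dc=example,dc=com"
stored = {"uid": ["joe"], "employeeType": ["Manager"]}   # constructed entry
dn_only = {}                 # assumption: DN given, no attributes fetched

if __name__ == "__main__":
    for label, entry in (("stored entry", stored), ("DN only", dn_only)):
        print(label, access(entry, JOE, "carLicense", "uid=ann,dc=example,dc=com"))
```

With the stored entry the first filter clause matches and an authenticated user gets read; with no attributes the negated filter matches instead and the same request gets none.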