[Date Prev][Date Next] [Chronological] [Thread] [Top]

stopping anonymous access to userPassword

I'm unaccustomed to the new (non-slapd.conf) way of adding ACL/ACI's.

I'm trying exclude anonymous access to the password.  We've tried this to no affect:

olcAccess: to dn.base="cn=users,dc=lib-mac,dc=local" by * read
olcAccess: to dn.base="cn=Subschema" by * read
olcAccess: to attrs=userPassword
  by self write
  by dn.exact="uid=diradmin,cn=users,dc=lib-mac,dc=local" read
  by * auth
olcAccess: to dn.subtree=""
  by dn.exact="uid=diradmin,cn=users,dc=lib-mac,dc=local" write
  by users read
  by anonymous auth

Robert Threet

$65/Hr Job - 25 Openings
Part-Time job ($20-$65/hr). Requirements: Home Internet Access