Simone Taliercio wrote: > access to * > by self write > by anonymous auth > by users search > > The only way to workaround that issue is removing any ACL or leaving "by users > read". Looking at the ACL above you likely run into a misunderstanding. You should carefully read slapd.access(5). Especially the very important section "THE ACCESS DIRECTIVE" describes significance of order of <what> and <who> clauses and that the checking stops at the first matching <what> and <who> clause (if control flow is not explicitly redirected). Given the example above you might rather want this: access to * by self write by users search by * auth YMMV. Also it's very handy to run slapd -d stats,acl [..other params..] to get ACL debugging displayed on console. Ciao, Michael.
Description: S/MIME Cryptographic Signature