Am Wed, 29 Jun 2016 14:49:12 +0200 schrieb Florian Best <best@univention.de>: > Hello, > > studying the slapd.access man page left me with an open question > regarding the control of object creation: > > * How to allow the creation of objects with a specific objectclass > only? > > For example, I want to prevent that an object with a object class > other than 'foobar' is created. > > Assumming the following LDIF should be valid for an "add" operation: > > > dn: uid=anton1,cn=settings,dc=ldap,dc=base > > objectClass: foobar > > uid: anton1 man slapd.conf(5) search for - ditcontentrule - add_content_acl and following access rules: access to dn.sub=cn=foo,o=bar attrs=entry,@foobar by * -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
Attachment:
pgpO5fdouGHx_.pgp
Description: Digitale Signatur von OpenPGP