Lloyd Zusman writes:
Gordon Messmer <[EMAIL PROTECTED]> writes:Lloyd Zusman wrote:OK, OK ... I found it. I added this to slapd.conf: access to * by self write by anonymous auth by * readYeah... Your users can now change their login shell and uid (attribute "uidNumber"). Obviously, this is bad. Be specific when granting write access. Only grant access to the specific attributes that users need to be able to change.OK. So what should it look like? Something like this, perhaps? access to userPassword by self write by anonymous auth by * read
I would say "by self read", instead.
pgpil9KxQDZqS.pgp
Description: PGP signature
