I'm trying to use IPA's LDAP server as the user data base for an external

I have created a service account from ldif below.

dn: uid=srv-ro,cn=sysaccounts,cn=etc,dc=example,dc=com
changetype: add
objectclass: account
objectclass: simplesecurityobject
uid: system
userPassword: changeme!
passwordExpirationTime: 20380119031407Z
nsIdleTimeout: 0

This works fine. My question is whats the ACI associated with this new
user? Does this user have read-only access to everything in LDAP ? Or
should I add/tune the ACI.

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to