Hi everyone.
I'm trying to get to grips with ACLs on LDAP, could someone glance over this
snippet of config and tell me why my members in 'Account operators' are only
being granted read permission to user attributes?
Thanks!

access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
access to dn.onelevel="ou=Users,dc=student,dc=local"
    attrs=entry,@extensibleObject
    by set="user/uid & [cn=Account Operators,ou=Groups,dc=student,dc=local]/memberUid" write
    by * read
access to dn.base="ou=Users,dc=student,dc=local" attrs=children
    by set="user/uid & [cn=Account Operators,ou=Groups,dc=student,dc=local]/memberUid" write
    by * read