On 11/30/2011 08:01 AM, Jayavant Patil wrote:
[...]
I have two users ldap_6 and ldap_7. I want to restrict a user to
see his own data only.
In slapd.conf, I specified the rule as follows:
access to *
    by self write
    by * none
But ldap_6 can see the ldap_7 user entries (or vice versa) with
$ ldapsearch -x -v -D "cn=root,dc=abc,dc=com" -b "ou=People,dc=abc,dc=com" "uid=ldap_7"
Any suggestions?
The above search is done as cn=root, not uid=ldap_6.
If cn=root is your rootdn, it can see everything.
--
Bjørn
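
Added example, not part of the original thread and not OpenLDAP code: a simplified Python model of the per-entry access decision for the rule quoted above, showing why a search bound as the rootdn returns ldap_7's entry while one bound as ldap_6 would not. The user DN layout (uid=...,ou=People,dc=abc,dc=com) and the function names are assumptions; the bind step and search-base checks are not modelled.

```python
# Simplified model of slapd's per-entry access decision for the thread's rule.
# Not OpenLDAP code; the entries and user DNs below are constructed.

ROOTDN = "cn=root,dc=abc,dc=com"

# access to *  by self write  by * none
# Each clause is (who, level); evaluation stops at the first "who" that matches.
ACL = [("self", "write"), ("*", "none")]

# Constructed directory contents (the DN layout is an assumption).
ENTRIES = {
    "uid=ldap_6,ou=People,dc=abc,dc=com": {"uid": "ldap_6"},
    "uid=ldap_7,ou=People,dc=abc,dc=com": {"uid": "ldap_7"},
}

def normalize(dn):
    """Lower-case a DN and drop spaces around commas for comparison."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def access_level(bind_dn, target_dn):
    """Return the access level bind_dn gets on target_dn (None = anonymous)."""
    # The rootdn is never subject to ACLs, so no clause is consulted.
    if bind_dn and normalize(bind_dn) == normalize(ROOTDN):
        return "write"
    for who, level in ACL:
        if who == "self" and bind_dn and normalize(bind_dn) == normalize(target_dn):
            return level
        if who == "*":
            return level
    return "none"  # every access directive ends with an implicit "by * none"

def visible_entries(bind_dn, uid):
    """Return DNs with the given uid that bind_dn has any access to."""
    return [dn for dn, attrs in ENTRIES.items()
            if attrs["uid"] == uid and access_level(bind_dn, dn) != "none"]

if __name__ == "__main__":
    for who in (ROOTDN, "uid=ldap_6,ou=People,dc=abc,dc=com", None):
        print(who or "(anonymous)", "->", visible_entries(who, "ldap_7"))
```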