Hi,
I have an ACL problem. I am not able to figure out what I am doing wrong, or
if there is something wrong in what I understood.
So here is my scenario: I have an ou of "user" and an ou of "Administrator".
Now one user from the Administrator branch should be able to edit anything in
the user branch, and the other user should only be able to read the branch
"user". Also, I want userPassword to be visible only to the Administrator which
has write permissions.
Here is my initial ACL for it:
{0}to attrs=userPassword
    by dn.exact="uid=domain.admin,ou=Administrator,dc=example,dc=com" write
    by anonymous auth
{1}to dn.subtree="ou=user,dc=example,dc=com" attrs=entry,children
    by dn.exact="uid=domain.admin,ou=Administrator,dc=example,dc=com" write
    by dn.exact="uid=domain.auth,ou=Administrator,dc=example,dc=com" read
Now, using the above ACL, neither of the users domain.auth or domain.admin is
able to read/write/search in the "user" ou. Only if I add the following ACL to it:
{2}to *
    by dn.exact="uid=domain.admin,ou=Administrator,dc=example,dc=com" write
    by dn.exact="uid=domain.auth,ou=Administrator,dc=example,dc=com" read
everything works as I want it to work.
Mail: [email protected]
Facebook: www.facebook.com/8zero2
Twitter: @8zero2_in
Blog: blog.8zero2.in
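
Added example, not part of the original message and not slapd's own code: a simplified Python model of slapd's first-match access evaluation, run against the three rules quoted above. It shows that {1} as posted matches only the entry and children pseudo-attributes, so the attribute used in a search filter falls through to the implicit deny. RULE1_ALL_ATTRS, the function names and the model itself are assumptions made here for illustration.

```python
# Simplified model of slapd ACL evaluation (illustration only, not slapd code).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]
ADMIN = "uid=domain.admin,ou=Administrator,dc=example,dc=com"
AUTH = "uid=domain.auth,ou=Administrator,dc=example,dc=com"
USERS = "ou=user,dc=example,dc=com"

# Rule = (subtree or None for any DN, attrs or None for all attrs, [(who, level)])
RULE0 = (None, {"userPassword"}, [(ADMIN, "write"), ("anonymous", "auth")])
RULE1 = (USERS, {"entry", "children"}, [(ADMIN, "write"), (AUTH, "read")])
RULE2 = (None, None, [(ADMIN, "write"), (AUTH, "read")])
# Hypothetical variant of {1} with the attrs= restriction dropped.
RULE1_ALL_ATTRS = (USERS, None, [(ADMIN, "write"), (AUTH, "read")])


def in_subtree(dn, base):
    dn, base = dn.lower(), base.lower()
    return dn == base or dn.endswith("," + base)


def granted(rules, who, dn, attr):
    """Level given to `who` on dn/attr by the first rule whose "to" part matches."""
    for subtree, attrs, by_clauses in rules:
        if subtree is not None and not in_subtree(dn, subtree):
            continue
        if attrs is not None and attr not in attrs:
            continue
        for subject, level in by_clauses:  # first matching "by" wins
            if subject == who:
                return level
        return "none"  # implicit "by * none" closes every rule
    return "none"      # implicit "to * by * none" closes the rule list


def allowed(rules, who, dn, attr, wanted):
    return LEVELS.index(granted(rules, who, dn, attr)) >= LEVELS.index(wanted)


def can_search(rules, who, base, entry, filter_attr="objectClass"):
    """Search needs: search on the base's `entry`, search on the filter
    attribute of the candidate, and read on the candidate's `entry`."""
    return (allowed(rules, who, base, "entry", "search")
            and allowed(rules, who, entry, filter_attr, "search")
            and allowed(rules, who, entry, "entry", "read"))
```

In this model, the `to *` of {2} also gives domain.auth read access to entries outside ou=user, which the RULE1_ALL_ATTRS variant does not.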