Am Tue, 16 Oct 2018 15:51:50 +0200 schrieb Lirien Maxime <[email protected]>:
> Hi all, > thanks for reading. > I have a "supervision" account on all my ldap servers. With the plugin > nagios , it check the synchro. I would like this account read only > contextcsn to check synchro. And only contextcsn not the other > entries. (plugin check nagios). > Can someone help me to write the right ACL ? > > Here what I tried but not really right :-/ > # ContextCSN > access to dn.subtree="dc=fr" attrs=contextCSN > by dn.subtree="cn=supervision,ou=Comptes Clients,dc=fr" read > by * none access to dn.base=dc=fr attrs=entry,children,contextCSN read -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
