On 05/17/2012 10:47 AM, Lucas Yamanishi wrote:
> On 05/17/2012 09:34 AM, Rob Crittenden wrote:
>> Lucas Yamanishi wrote:
>>> Hi everybody,
>>>
>>> I've added some custom schema to my directory, but it's useless to me if
>>> if I can't control read permissions on it. This is obviously a little
>>>
Lucas Yamanishi wrote:
On 05/17/2012 09:34 AM, Rob Crittenden wrote:
...
The ACIs need a little bit of work. The name of the aci needs to
match the name of the ACI that permission is being granted to, with a
prefix of permission:. So it should look more like:
aci: (targetattr = "attribute1 ||
On 05/17/2012 09:34 AM, Rob Crittenden wrote:
> ...
>
> The ACIs need a little bit of work. The name of the aci needs to
> match the name of the ACI that permission is being granted to, with a
> prefix of permission:. So it should look more like:
>
> aci: (targetattr = "attribute1 || attribute2
On 05/17/2012 09:34 AM, Rob Crittenden wrote:
> Lucas Yamanishi wrote:
>> Hi everybody,
>>
>> I've added some custom schema to my directory, but it's useless to me if
>> if I can't control read permissions on it. This is obviously a little
>> tricky since (Free)IPA allows everybody to ready everyt
Lucas Yamanishi wrote:
Hi everybody,
I've added some custom schema to my directory, but it's useless to me if
if I can't control read permissions on it. This is obviously a little
tricky since (Free)IPA allows everybody to ready everything by default.
With that, what's the best way to restric