[389-users] setting up ACLs

Hi there, i ran into a problem with the ACLs. I set up an account, what needed to acquire only certain attributes, i set the following ACL: (targetattr = "uid || mail || mailHost || accountType || accountStatus || mailAlternateAddress || mailForwardingAddress || mailUserPassword") (target = "ldap:///dc=moveone,dc=info") (targetfilter = ou=People) (version 3.0; acl "Email server can lookup some data"; allow (read,compare,search) (userdn = "ldap:///cn=emailServerLookup,ou=People,dc=moveone,dc=info") ;) but the search is gives back all the attributes, not only the allowed ones. What i am miss? the lookup: ldapsearch -x -LLL -h ds -b ou=People,dc=moveone,dc=info -D "cn=emailServerLookup,ou=People,dc=moveone,dc=info" -w TheSecretPassword uid=karoly.czovek dn: uid=karoly.czovek,ou=People,dc=moveone,dc=info -- Karoly CZOVEK Global Systems Administrator MoveOne IT Department Eastern Europe - Balkans - CIS& Central Asia - Middle East& Africa - Asia Pacific phone: +36 1 266 0181 - ext.6710 mobile: +36 70 708 9953 skype: mo_karoly.czovek email: karoly.czovek(a)moveoneinc.com web: http://www.moveoneinc.com