[389-users] ACI for read only access
Walter Neu
w.neu at eurodata.de
Tue Feb 14 07:17:55 UTC 2012
Hi all,
I'm confused about ACI and need some help from the experts....
I want to create an ACI for read only access to a certain branch of my
LDAP tree. Therefor I created the following ACI
(targetattr = "userPassword || uid") (target =
"ldap:///ou=AABenutzer,ou=eurodatasb,dc=eurodata,dc=de") (version
3.0;acl "read only";allow (read)(userdn =
"ldap:///uid=ro_user,ou=Special Users,dc=eurodata,dc=de");)
But when I am authenticated with user ro_user, I got information which
are outside the branch ou=AABenutzer,ou=eurodatasb,dc=eurodata,dc=de
What I'm doing wrong???
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6311 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120214/f2e5c7be/attachment.p7s>
More information about the 389-users
mailing list