[389-users] ACI for read only access
Rich Megginson
rmeggins at redhat.com
Tue Feb 14 14:09:55 UTC 2012
On 02/14/2012 12:17 AM, Walter Neu wrote:
> Hi all,
>
> I'm confused about ACI and need some help from the experts....
>
>
> I want to create an ACI for read only access to a certain branch of my
> LDAP tree. Therefore I created the following ACI:
>
>
> (targetattr = "userPassword || uid") (target =
> "ldap:///ou=AABenutzer,ou=eurodatasb,dc=eurodata,dc=de") (version
> 3.0;acl "read only";allow (read)(userdn =
> "ldap:///uid=ro_user,ou=Special Users,dc=eurodata,dc=de");)
>
> But when I am authenticated with user ro_user, I got information which
> is outside the branch ou=AABenutzer,ou=eurodatasb,dc=eurodata,dc=de
>
> What am I doing wrong???
In which entry did you set this aci?
>
> Thanks
>
>