[389-users] ACI question
Matti Alho
listat at alho.fi
Fri Sep 21 11:26:37 UTC 2012
Hi,
One ACI related question. I've been learning to use ACIs and read
various documentation. Let's say we have the following structure.
...
cn=Customer1,ou=Sales,dc=domain,dc=com
cn=Customer2,ou=Sales,dc=domain,dc=com
....
Then we have servers authenticating using credentials.
...
uid=server1,cn=VirtualServers,ou=Servers,dc=domain,dc=com
uid=server2,cn=VirtualServers,ou=Servers,dc=domain,dc=com
...
Question: What kind of ACI is needed to limit server1 access to read
Customer1 entry only?
Would I need to create an ACI for each server separately? I was
wondering that one should limit the amount of ACIs, so is there some
other way to achieve this? Thanks for help!
More information about the 389-users
mailing list