- ########################
- # To modify openldap ACL
- ########################
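- # Delete the existing ACL rules {0} and {1}. List the current olcAccess values first and confirm these are the rules to drop.
- # If this leaves the database with no olcAccess at all, slapd falls back to its default policy (read access for everyone) until add-acl.ldif is loaded, so apply the two files back to back.
- # delete-acl.ldif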
- dn: olcDatabase={1}hdb,cn=config
- changetype: modify
- delete: olcAccess
- olcAccess: {0}
- olcAccess: {1}
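- # Add ACL for
- # 'userPassword' (and 'shadowLastChange'): write access to 'admin' and 'itadmin'
- # read access to anonymous for everything else; on 'userPassword' anonymous gets only "auth" (usable for bind, not readable) and all other identities get none
- # write access to self (the last rule grants this on every attribute of the user's own entry, not only the password)
- # Review the last rule before reuse: if entries carry uidNumber/gidNumber or other authorization data, "by self write" on "*" lets users change it themselves.
- # add-acl.ldif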
- dn: olcDatabase={1}hdb,cn=config
- changetype: modify
- add: olcAccess
- olcAccess: to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=example,dc=in" write by dn="uid=itadmin,ou=people,dc=example,dc=in" write by anonymous auth by self write by * none
- olcAccess: to dn.base="" by * read
- olcAccess: to * by self write by dn="cn=admin,dc=example,dc=in" write by * read
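- # To apply the ACL, run ldapmodify from a shell prompt, once per LDIF file (substitute the path of the file being applied for /tmp/dacl.ldif).
- # Note: -x with -w does a simple bind and puts the cn=config password on the command line; prefer -W (prompt) or -y <passwordfile>, and add -ZZ (StartTLS) or use -H with an ldaps:// URI so the password is not sent in cleartext.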
- $ HOST=cit_openldap
- $ CFGPASS=configpass
- $ ldapmodify -x -h $HOST -D "cn=admin,cn=config" -w $CFGPASS -f /tmp/dacl.ldif