open-ldap-setup/auth.template.ldif

22 lines
729 B
Plaintext
Raw Normal View History

2024-03-28 21:28:27 +00:00
# Add permissions
dn: olcDatabase={1}mdb,cn=config
changetype: modify
delete: olcAccess
-
add: olcAccess
olcAccess: {0}to dn.subtree="ou=people,$BASE_DN" attrs=userPassword
2024-03-28 21:28:27 +00:00
by group/groupOfNames/member="cn=admins,ou=groups,$BASE_DN" =wcdx
by self write
by anonymous auth
by * none
olcAccess: {1}to dn.subtree="ou=people,$BASE_DN" attrs=shadowLastChange,cn,sn
2024-03-28 21:28:27 +00:00
by self write
by * read
olcAccess: {2}to dn.subtree="$BASE_DN"
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
by group/groupOfNames/member="cn=admins,ou=groups,$BASE_DN" write
by * read
olcAccess: {3}to *
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
by * read