2024-03-28 21:28:27 +00:00
|
|
|
# Add permissions
|
|
|
|
dn: olcDatabase={1}mdb,cn=config
|
|
|
|
changetype: modify
|
|
|
|
delete: olcAccess
|
|
|
|
-
|
|
|
|
add: olcAccess
|
2024-10-15 21:23:00 +00:00
|
|
|
olcAccess: {0}to dn.subtree="ou=people,$BASE_DN" attrs=userPassword
|
2024-03-28 21:28:27 +00:00
|
|
|
by group/groupOfNames/member="cn=admins,ou=groups,$BASE_DN" =wcdx
|
|
|
|
by self write
|
|
|
|
by anonymous auth
|
|
|
|
by * none
|
2024-10-15 21:23:00 +00:00
|
|
|
olcAccess: {1}to dn.subtree="ou=people,$BASE_DN" attrs=shadowLastChange,cn,sn
|
2024-03-28 21:28:27 +00:00
|
|
|
by self write
|
|
|
|
by * read
|
|
|
|
olcAccess: {2}to dn.subtree="$BASE_DN"
|
|
|
|
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
|
|
|
|
by group/groupOfNames/member="cn=admins,ou=groups,$BASE_DN" write
|
|
|
|
by * read
|
|
|
|
olcAccess: {3}to *
|
|
|
|
by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
|
|
|
|
by * read
|