32 lines
697 B
Text
32 lines
697 B
Text
|
|
# database replication
|
|
access to *
|
|
by dn="uid=replicator,cn=config,<%= name %>" read
|
|
by * break
|
|
|
|
# allow everyone to get naming context
|
|
access to dn.base=""
|
|
by * read
|
|
|
|
# allow everyone to get directory root object
|
|
access to dn.base="<%= name %>"
|
|
by * read
|
|
|
|
# schema browsing requires authentication
|
|
access to dn.base="cn=Subschema"
|
|
by users read
|
|
by anonymous auth
|
|
by * none
|
|
|
|
# restrict user password
|
|
access to attrs=userPassword
|
|
by self write
|
|
by anonymous auth
|
|
by * none
|
|
|
|
# allow logged in users to read rest of data
|
|
access to *
|
|
by self read
|
|
by users read
|
|
by anonymous auth
|
|
by * none
|