[tokkee]

tokkee.org

Code

projects / gosa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Updated sample slapd.conf
[gosa.git] / contrib / openldap / slapd.conf
diff --git a/contrib/openldap/slapd.conf b/contrib/openldap/slapd.conf
index 07070d0c2fb92109410ddfc68b27b392a8746700..4c7c0cc6c71f1f742ea4ffcaa7a9ca70f3a792fb 100644 (file)
--- a/contrib/openldap/slapd.conf
+++ b/contrib/openldap/slapd.conf
@@ -124,12 +124,15 @@ access to dn.subtree=cn=Monitor
 # changed by the entry owning it if they are authenticated.
 # Others should not be able to see it, except the admin
 # entry below
-access to attrs=userPassword,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
+access to attrs=userPassword,userPKCS12,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
        by dn="cn=ldapadmin,dc=gonicus,dc=de" write
        by dn.regex="uid=[^/]+/admin\+(realm=GONICUS.LOCAL)?" write
        by anonymous auth
        by self write
        by * none 
+access to attr=shadowLastChange
+        by self write
+        by * read
 
 # Deny access to imap/fax/kerberos admin passwords stored
 # in ldap tree
GONICUS system administrator (SVN clone)