X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=contrib%2Fopenldap%2Fslapd.conf;h=38ca72b5a6abc00f93916632dd59b7e99cc204b3;hb=e425ca6aa4d7643cee7236149fd178881cf54b0c;hp=5ab60813c62ac43ca2c8fcfff34c5a0dfea228e4;hpb=20a260246f223d99a386c7434e2eac21897df5ff;p=gosa.git

diff --git a/contrib/openldap/slapd.conf b/contrib/openldap/slapd.conf
index 5ab60813c..38ca72b5a 100644
--- a/contrib/openldap/slapd.conf
+++ b/contrib/openldap/slapd.conf
@@ -112,6 +112,8 @@ moduleload      back_monitor
 
 access to dn.base=""
         by * read
+access to dn.base="cn=Subschema"
+	by * read
 
 access to dn.subtree=cn=Monitor
         by * read
@@ -124,12 +126,15 @@ access to dn.subtree=cn=Monitor
 # changed by the entry owning it if they are authenticated.
 # Others should not be able to see it, except the admin
 # entry below
-access to attrs=userPassword,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
+access to attrs=userPassword,userPKCS12,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
 	by dn="cn=ldapadmin,dc=gonicus,dc=de" write
 	by dn.regex="uid=[^/]+/admin\+(realm=GONICUS.LOCAL)?" write
 	by anonymous auth
 	by self write
 	by * none 
+access to attrs=shadowLastChange
+        by self write
+        by * read
 
 # Deny access to imap/fax/kerberos admin passwords stored
 # in ldap tree
@@ -215,7 +220,7 @@ index   uid,mail                                               	eq
 index   gosaMailAlternateAddress,gosaMailForwardingAddress     	eq
 index   cn,sn,givenName,ou                                     	pres,eq,sub
 index   objectClass                                            	pres,eq
-index   uidNumber,gidNumber,memberuid                          	eq
+index   uidNumber,gidNumber,memberuid,macAddress              	eq
 index   gosaSubtreeACL,gosaObject,gosaUser                     	pres,eq
 
 # Indexing for Kolab