![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2c16622)
raw | patch | inline | side by side (parent: 2c16622)
| author | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Tue, 16 Nov 2010 09:14:21 +0000 (09:14 +0000) | ||
| committer | cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Tue, 16 Nov 2010 09:14:21 +0000 (09:14 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@20233 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-core/contrib/openldap/slapd.conf | patch | blob | history |
index 82e0719442e0214d455ef7172e14983a3bab9b9e..db51ccf7aa00f94d78b3ba737819e36124841b7f 100644 (file)
by self write
by * none
+# The complete config tree should be locked for anonymous access. This
+# rule can be removed if you've non public access, anyway.
+access to dn.sub="ou=configs,ou=systems,dc=gonicus,dc=de"
+ by dn.regex="uid=[^/]+/admin\+(realm=GONICUS.LOCAL)?" write
+ by * none
+
# What trees should be readable, depends on your policy. Either
# use this entry and specify what should be readable, or leave
# the access to * => by * read below untouched