From: cajus <cajus@594d385d-05f5-0310-b6e9-bd551577e9d8>
Date: Mon, 3 Dec 2007 10:27:56 +0000 (+0000)
Subject: Updated sample slapd.conf
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=71c7b2cf149efcc304dc837938e2865311933ef9;p=gosa.git

Updated sample slapd.conf


git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@7977 594d385d-05f5-0310-b6e9-bd551577e9d8
---

diff --git a/contrib/openldap/slapd.conf b/contrib/openldap/slapd.conf
index 07070d0c2..4c7c0cc6c 100644
--- a/contrib/openldap/slapd.conf
+++ b/contrib/openldap/slapd.conf
@@ -124,12 +124,15 @@ access to dn.subtree=cn=Monitor
 # changed by the entry owning it if they are authenticated.
 # Others should not be able to see it, except the admin
 # entry below
-access to attrs=userPassword,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
+access to attrs=userPassword,userPKCS12,sambaPwdLastSet,sambaPwdMustChange,sambaPwdCanChange,shadowMax,shadowExpire
 	by dn="cn=ldapadmin,dc=gonicus,dc=de" write
 	by dn.regex="uid=[^/]+/admin\+(realm=GONICUS.LOCAL)?" write
 	by anonymous auth
 	by self write
 	by * none 
+access to attr=shadowLastChange
+        by self write
+        by * read
 
 # Deny access to imap/fax/kerberos admin passwords stored
 # in ldap tree