Commit a8ae12db authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Add comment warn about unprotected root dse, cn=config, ....

parent 47947599
......@@ -4,12 +4,15 @@
include ./data/slapd.at.conf
include ./data/slapd.oc.conf
schemacheck off
pidfile ./test-db/slapd.pid
argsfile ./test-db/slapd.args
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
cachesize 0
suffix "o=University of Michigan, c=US"
directory ./test-db
rootdn "cn=Manager, o=University of Michigan, c=US"
......@@ -18,19 +21,31 @@ index cn,sn,uid pres,eq,approx
index default none
lastmod on
defaultaccess none
#
# normal installations should protect root dse,
# cn=monitor, cn=schema, and cn=config
#
access to attr=objectclass
by * read
access to attr=userpassword
access to filter="objectclass=person" attr=userpassword
by self write
by * compare
access to dn=".*,ou=Alumni Association,ou=People,o=University of Michigan,c=US"
by dn=".*,o=University of Michigan,c=US"
read
by anonymous auth
by * none
access to dn="^.*,ou=Alumni Association,ou=People,o=University of Michigan,c=US$"
by dn="^.*,o=University of Michigan,c=US$" read
by anonymous auth
by * none
access to attr=member
by dnattr=member selfwrite
by * read
access to filter="objectclass=rfc822mailgroup"
by dn="Bjorn Jensen,ou=Information Technology Division,ou=People,o=University of Michigan,c=US" write
by * read
access to * by * read
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment