Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Joe Martin
OpenLDAP
Commits
a8ae12db
Commit
a8ae12db
authored
Jul 12, 1999
by
Kurt Zeilenga
Browse files
Add comment warn about unprotected root dse, cn=config, ....
parent
47947599
Changes
1
Hide whitespace changes
Inline
Side-by-side
tests/data/slapd-acl.conf
View file @
a8ae12db
...
...
@@ -4,12 +4,15 @@
include
./
data
/
slapd
.
at
.
conf
include
./
data
/
slapd
.
oc
.
conf
schemacheck
off
pidfile
./
test
-
db
/
slapd
.
pid
argsfile
./
test
-
db
/
slapd
.
args
#######################################################################
# ldbm database definitions
#######################################################################
database
ldbm
cachesize
0
suffix
"o=University of Michigan, c=US"
directory
./
test
-
db
rootdn
"cn=Manager, o=University of Michigan, c=US"
...
...
@@ -18,19 +21,31 @@ index cn,sn,uid pres,eq,approx
index
default
none
lastmod
on
defaultaccess
none
#
# normal installations should protect root dse,
# cn=monitor, cn=schema, and cn=config
#
access
to
attr
=
objectclass
by
*
read
access
to
attr
=
userpassword
access
to
filter
=
"objectclass=person"
attr
=
userpassword
by
self
write
by
*
compare
access
to
dn
=
".*,ou=Alumni Association,ou=People,o=University of Michigan,c=US"
by
dn
=
".*,o=University of Michigan,c=US"
read
by
anonymous
auth
by
*
none
access
to
dn
=
"^.*,ou=Alumni Association,ou=People,o=University of Michigan,c=US$"
by
dn
=
"^.*,o=University of Michigan,c=US$"
read
by
anonymous
auth
by
*
none
access
to
attr
=
member
by
dnattr
=
member
selfwrite
by
*
read
access
to
filter
=
"objectclass=rfc822mailgroup"
by
dn
=
"Bjorn Jensen,ou=Information Technology Division,ou=People,o=University of Michigan,c=US"
write
by
*
read
access
to
*
by
*
read
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment