Dieter Kluenter wrote:
Am Wed, 22 Dec 2010 14:46:50 +0100
schrieb "Thomas D. Dahlmann"<domi...@domingo.dk>:
Hi
I'm trying to add ordinary users write access to a specific ou.
I've googled a lot and haven't really found any useful regarding to
openldap 2.4 (slapd.d format).
What would be the correct syntax for a ldapmodify command to
accomplish this to the dn: ou=addressbook,dc=example,dc=net ?
something like:
ldapmodify -D "cn=config" -W -H ldap://some.host
dn:olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {1} to dn.subtree="ou=addressbook,dc=example,dc=net" by
users write by * read
-
The numbers {1} are fictious, replace with your real values.
Do not supply the {x} numbers at all when you're just doing a replace. slapd
generates them itself, so there's no need.
You only need to provide the {x} numbers when you actually want to reference a
specific value in a multivalued attribute. Even then, they're just a
convenience, not absolutely essential.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/