Thanks Buchan,
The above ACL seems a bit weird ... you probably want this 2nd-last.
it's weird probably because I have really know clue as to what I'm
doing. I just removed it.
Move these attributes into their own ACL, so that you instead have:
access to
attrs=userPassword
by self write
by * auth
access to
attrs=telephoneNumber,homePhone,homePostalAddress
by users write
by * read
access to *
by anonymous read
Finally, you may also consider using a group for the write ACLs, so
that
simply setting a password for a user doesn't compromise your ACLs.
Sorry, I'm not clear on what you mean about using a group. If you
have time could you elaborate?
Well now it seems to be working okay. Users with passwords can view
the "advanced" fields and can also add/delete entries. Anonymous
users can view "basic" info. I did edit one thing though. I changed:
access to *
by anonymous read
to:
access to *
by users write
by anonymous read
because authenticated users couldn't view anything without it. Was
that incorrect?
Regards,
Buchan
--
Buchan Milne
ISP Systems Specialist
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
