2012/11/23 Kiran Ayyagari
the branch to which you want to add the prescriptiveACI
> add the attribute administrativeRole with the value
> accessControlSpecificArea
>
Thanks!
How to write ACI to allow to read only own userPassword field?
--
Regards,
Eugene Prokopiev
the branch to which you want to add the prescriptiveACI
add the attribute administrativeRole with the value
accessControlSpecificArea
On Fri, Nov 23, 2012 at 1:20 PM, Eugene Prokopiev wrote:
> The problem is \"enableSearchForAllUsers\" substring, backslashes are not
> needed.
>
> Now I have anot
The problem is \"enableSearchForAllUsers\" substring, backslashes are not
needed.
Now I have another problem:
$ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif
Enter LDAP Password:
adding new entry "cn=enableSearchForAllUsers,dc=home"
ldap_add: No such attribute (16)
looks like the lack of precedence value in user permissions is causing this
try this(note that the only addition is 'precedence 1,')
{
identificationTag "enableSearchForAllUsers",
precedence 11,
authenticationLevel simple,
itemOrUserFirst userFirst:
{
userClasses { allU
I tried to allow search for all users as described in
http://directory.apache.org/apacheds/1.5/enablesearchforallusers.html:
$ ldapadd -h localhost -p 10389 -D "uid=admin,ou=system" -W -f aci.ldif
Enter LDAP Password:
adding new entry "cn=enableSearchForAllUsers,dc=home"
ldap_add: Invalid syntax (
2012/11/22 Kiran Ayyagari
> try after calling
>
> directory.setAccessControlEnabled(true);
>
Thanks, it helps.
How I have new tasks:
1) how to change default admin password?
2) how to define ACLs which looks like:
access to attrs=userPassword
by self write
by anonymous auth
by * n
2012/11/22 Pierre-Arnaud Marcelot
>
> It should be complicated to disable anonymous access on 2.0.
>
Is possible to restrict anonymous read access only to userPassword field
and write access for anybody except admin account?
How can I implement with ApacheDS something like:
access to attrs=use
try after calling
directory.setAccessControlEnabled(true);
On Thu, Nov 22, 2012 at 6:39 PM, Eugene Prokopiev wrote:
> Hi,
>
> Is it possible to disable anonymous access for embedded ApacheDS? I tried
> to do this:
>
> public class Application {
> public static void main(String[] args) throw
Hi Eugene,
You'd rather use ApacheDS 2.0.
Even if we're still only releasing milestone versions (and the documentation is
mostly lacking), it's way better than using any other older version.
It should be complicated to disable anonymous access on 2.0.
Regards,
Pierre-Arnaud
On 22 nov. 2012,
Hi,
Is it possible to disable anonymous access for embedded ApacheDS? I tried
to do this:
public class Application {
public static void main(String[] args) throws Exception {
DirectoryService directory = new DefaultDirectoryService();
directory.startup();
LdapServer ld
10 matches
Mail list logo