db.ldif: correction aux ACL pour permettre un accès total aux utilisateurs locaux

2016-06-08 12:02:33 +02:00 · 2016-06-08 12:02:33 +02:00 · f42b985e12
parent cd56fc1f69
commit f42b985e12
1 changed files with 8 additions and 2 deletions
--- a/poc-1/db.ldif
+++ b/poc-1/db.ldif
@ -9,7 +9,13 @@ olcAccess: {0}to attrs=userPassword
  by anonymous auth
  by dn="cn=admin,dc=cfdt,dc=fr" write
  by * none
-olcAccess: {1}to dn.base="" by * read
-olcAccess: {2}to * by self write by dn="cn=admin,dc=cfdt,dc=fr" write by * read
+olcAccess: {1}to dn.base=""
+  by dn.regex="gidNumber=.*+uidNumber=.*,cn=peercred,cn=external,cn=auth" manage
+  by * read
+olcAccess: {2}to *
+  by dn.regex="gidNumber=.*+uidNumber=.*,cn=peercred,cn=external,cn=auth" manage
+  by self write
+  by dn="cn=admin,dc=cfdt,dc=fr" write
+  by * read
 olcRootDN: dc=cfdt,dc=fr
 olcRootPW: admin