From f42b985e122a761c4575b416c23832f874b243df Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Wed, 8 Jun 2016 12:02:33 +0200
Subject: [PATCH] =?UTF-8?q?db.ldif:=20correction=20aux=20ACL=20pour=20perm?=
 =?UTF-8?q?ettre=20un=20acc=C3=A8s=20total=20aux=20utilisateurs=20locaux?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 poc-1/db.ldif | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/poc-1/db.ldif b/poc-1/db.ldif
index 0df1bd7..af32e85 100644
--- a/poc-1/db.ldif
+++ b/poc-1/db.ldif
@@ -9,7 +9,13 @@ olcAccess: {0}to attrs=userPassword
   by anonymous auth
   by dn="cn=admin,dc=cfdt,dc=fr" write
   by * none
-olcAccess: {1}to dn.base="" by * read
-olcAccess: {2}to * by self write by dn="cn=admin,dc=cfdt,dc=fr" write by * read
+olcAccess: {1}to dn.base=""
+  by dn.regex="gidNumber=.*+uidNumber=.*,cn=peercred,cn=external,cn=auth" manage
+  by * read
+olcAccess: {2}to *
+  by dn.regex="gidNumber=.*+uidNumber=.*,cn=peercred,cn=external,cn=auth" manage
+  by self write
+  by dn="cn=admin,dc=cfdt,dc=fr" write
+  by * read
 olcRootDN: dc=cfdt,dc=fr
 olcRootPW: admin