Date: Wed, 26 Apr 2006 09:42:37 +0200 From: Erik Norgaard <norgaard@locolomo.org> To: questions@freebsd.org Subject: OpenLDAP: ACL and binddn when dn contains non-ascii chars Message-ID: <444F246D.8030400@locolomo.org>
next in thread | raw e-mail | index | archive | help
Hi:
I'm trying to build my address book, now since my own name contains
non-ascii characters, my cn becomes
cn:: RXJpayBOw7hyZ2FhcmQ=
I wish to restrict access so that each person can edit his own details,
but not search the entire directory, something like this should do:
# Access Control:
access to attrs=userPassword
by self write
by anonymous auth
by * none
access to *
by self write
by dn.base="cn=<myname>,ou=people,dc=domain,dc=tld" read
by * none
But what do I put in place of "cn=<myname>"?
2nd: For now, I have,
access to *
by self write
by users read
by * none
But, what do I set as binddn? I am using the address book with
Thunderbird and I don't know if it is smart enough to convert iso chars
to utf-8.
Thanks, Erik
--
Ph: +34.666334818 web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F0C.crt
Subject ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
Fingerprint: 7F:80:96:EA:95:92:E2:23:1F:FA:0F:98:92:C2:CC:55:6B:9A:8C:92
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?444F246D.8030400>