meta data for this page
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
ldap:openldap [2018/08/01 11:05] – niziak | ldap:openldap [2018/08/01 12:05] (current) – niziak | ||
---|---|---|---|
Line 26: | Line 26: | ||
* **BaseDN: ' | * **BaseDN: ' | ||
+ | ===== ACL ===== | ||
+ | [[https:// | ||
+ | |||
+ | Order matters in ACL rules. LDAP will stop looking on the first match. So new acl entries should be inserted before default ones. | ||
+ | |||
+ | Default entries: | ||
+ | < | ||
+ | olcAccess: {0}to attrs=userPassword, | ||
+ | olcAccess: {1}to * by self read by dn=" | ||
+ | </ | ||
+ | * olcAccess: {0}to attrs=userPassword, | ||
+ | * by self write | ||
+ | * by dn=" | ||
+ | * by anonymous auth | ||
+ | * by * none | ||
+ | * olcAccess: {1}to * | ||
+ | * by self read | ||
+ | * by dn=" | ||
+ | * by * none | ||
+ | |||
+ | |||
+ | |||
+ | Giving user: **uid=nextcloudsystemuser, | ||
+ | * Entry to edit: **olcDatabase={1}mdb, | ||
+ | * Attribute to add: **olcAccess** | ||
+ | * to by dn.exact=" | ||
+ | |||
+ | |||
+ | ==== Examples ==== | ||
+ | |||
+ | |||
+ | < | ||
+ | |||
+ | * Give user access to modify photo: < | ||