tom/ansible
1
0
Fork 0
forked from infra/ansible
Code Issues Pull Requests Projects Releases Wiki Activity

slapd: implement proper ACL

Browse Source
This commit is contained in:
Markus 2019-05-13 20:03:20 +02:00
parent 6fec0e62bc
commit 00826a8d14
1 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
roles/slapd/templates/slapd.conf.j2
View File

@ -45,16 +45,39 @@ moduleload syncprov.la
# ACL # ACL
####################################################################### #######################################################################
access to dn.base="" by * read access to dn.base=""
access to dn.base="cn=Subschema" by * read by * read
access to dn.base="cn=Subschema"
by * read
access to dn.one="ou=people,dc=binary-kitchen,dc=de" attrs=userPassword
by self write
by group="cn=admin,dc=binary-kitchen,dc=de" write
by anonymous auth
by * none
access to dn.one="ou=people,dc=binary-kitchen,dc=de" attrs=loginShell
by self write
by group="cn=admin,dc=binary-kitchen,dc=de" write
by users read
by * none
access to dn.one="ou=people,dc=binary-kitchen,dc=de"
by group="cn=admin,dc=binary-kitchen,dc=de" write
by self read
by users read
by * none
access to dn.one="ou=groups,dc=binary-kitchen,dc=de" attrs=memberUid
by group="cn=admin,dc=binary-kitchen,dc=de" write
by self read
by users read
by * none
access to attrs=userPassword access to attrs=userPassword
by self write by self write
by anonymous auth by anonymous auth
by * read by * none
access to attrs=loginShell access to attrs=loginShell
by self write by self write
by group="cn=admin,dc=binary-kitchen,dc=de" write
by users read by users read
by * read by * none
access to * access to *
by self read by self read
by users read by users read