11 lines
581 B
Plaintext
Executable File
11 lines
581 B
Plaintext
Executable File
dn: olcDatabase={1}{{ LDAP_BACKEND }},cn=config
|
|
changetype: modify
|
|
delete: olcAccess
|
|
-
|
|
add: olcAccess
|
|
olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
|
|
olcAccess: to * by dn="cn=admin,{{ LDAP_BASE_DN }}" manage by * break
|
|
olcAccess: to * by set.expand="([cn=ldap_admin,ou=groups,{{ LDAP_BASE_DN }}])/member & user" write by * break
|
|
olcAccess: to attrs=userPassword,shadowLastChange by self =w by anonymous auth by * none
|
|
olcAccess: to * by self read by dn="cn={{ LDAP_READONLY_USER_USERNAME }},{{ LDAP_BASE_DN }}" read by * none
|