|
- dn: olcDatabase={1}mdb,cn=config
- changetype: modify
- delete: olcAccess
- -
- add: olcAccess
- olcAccess: {0}to dn.subtree="{{ base_dn }}" attrs=userPassword
- by self write
- by dn.base="cn=admin,{{ base_dn }}" write
- by dn.children="ou=dsa,{{ base_dn }}" write
- by anonymous auth
- by * none
- -
- add: olcAccess
- olcAccess: {1}to dn.subtree="ou=people,{{ base_dn }}"
- by self read
- by dn.base="uid=test.user,ou=people,{{ base_dn }}" write
- by dn.base="cn=admin,{{ base_dn }}" write
- by dn.children="ou=dsa,{{ base_dn }}" read
- by anonymous auth
- by * none
- -
- add: olcAccess
- olcAccess: {2}to attrs=userPassword,shadowLastChange
- by self write
- by anonymous auth
- by dn="cn=admin,{{ base_dn }}" write
- by * none
- -
- add: olcAccess
- olcAccess: {3}to dn.subtree="{{ base_dn }}"
- by self read
- by dn.base="cn=admin,{{ base_dn }}" write
- by dn.children="ou=dsa,{{ base_dn }}" write
- by * none
- -
- add: olcAccess
- olcAccess: {4}to dn.base=""
- by * none
|