Separate slapd.conf.d snippets from ldif snippets.

author: Jonas Smedegaard <dr@jones.dk> 2008-10-26 23:11:42 +0100
committer: Jonas Smedegaard <dr@jones.dk> 2008-10-26 23:11:42 +0100
commit: 424da2513779d64e753a58fd43132a5166c2e945 (patch)
tree: ee7600c3b922469e646f4bb1ec4efaf362d38ead /ldap/slapd.conf.d/08_base.conf.in
parent: 637d73aa6e6fb24cd57dc8063af55a203f8ccc64 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/ldap/slapd.conf.d/08_base.conf.in b/ldap/slapd.conf.d/08_base.conf.in
new file mode 100644
index 0000000..1d78c6a
--- /dev/null
+++ b/ldap/slapd.conf.d/08_base.conf.in
@@ -0,0 +1,10 @@
+# The userPassword by default can be changed
+# by the entry owning it if they are authenticated.
+# Others should not be able to see it, except the
+# admin entry below
+access to dn.subtree="ou=SAM,@SUFFIX@" attrs=userpassword,shadowLastChange
+        by dn.exact="@ADMIN@" write
+	by group="cn=SAM,ou=Administrators,ou=Access Control,@SUFFIX@" write
+        by anonymous auth
+        by self write
+        by * none
author	Jonas Smedegaard <dr@jones.dk>	2008-10-26 23:11:42 +0100
committer	Jonas Smedegaard <dr@jones.dk>	2008-10-26 23:11:42 +0100
commit	424da2513779d64e753a58fd43132a5166c2e945 (patch)
tree	ee7600c3b922469e646f4bb1ec4efaf362d38ead /ldap/slapd.conf.d/08_base.conf.in
parent	637d73aa6e6fb24cd57dc8063af55a203f8ccc64 (diff)