--On Sunday, August 27, 2023 5:21 PM +0000 Marc <[email protected]>
wrote:
olcAccess: {0} to dn.exact=""
by * read
olcAccess: {1} to dn.exact="cn=Subschema"
by * read
The above 2 acls generally go on the frontend DB.
olcAccess: {2} to attrs=userPassword,shadowLastChange
by ssf=256 self read
by ssf=256 anonymous auth
by * none break
...
olcAccess: {7} to dn.subtree="xxxxxx" filter=(objectClass=posixAccount)
attrs= by ssf=64 dn.exact="yyyy" read
by * break
olcAccess: {8} to dn.subtree="xxxxxx"
by ssf=256 dn.exact="yyyy" search
by ssf=256 self read
by anonymous
The rest of these acls generally go on the MDB database. Have you
configured your backend ACLs incorrectly?
What exactly is the issue you're trying to report? Your subject doesn't
really give a solid indication of what the problem is you're having.
--Quanah
