KazV2/dockers/ldap/base/acl.ldif.tmpl

dn: olcDatabase={2}mdb,cn=config
changeType: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange
  by self write
  by anonymous auth
  by dn="cn=ldapui,ou=applications,$LDAPROOT" write
  by dn="$BINDDN" write
  by * none
olcAccess: {1}to dn.subtree="$LDAPROOT"
  by self read
  by dn="cn=ldapui,ou=applications,$LDAPROOT" read
  by dn="cn=postfix,ou=applications,$LDAPROOT" read
  by dn="cn=mattermost,ou=applications,$LDAPROOT" read
  by dn="cn=cloud,ou=applications,$LDAPROOT" read
  by dn="cn=mobilizon,ou=applications,$LDAPROOT" read
  by dn="$BINDDN" write
  by * none
olcAccess: {2}to *
  by dn="$BINDDN" write
  by * none
first commit 2024-06-03 18:43:35 +02:00			`dn: olcDatabase={2}mdb,cn=config`
			`changeType: modify`
			`replace: olcAccess`
			`olcAccess: {0}to attrs=userPassword,shadowLastChange`
			`by self write`
			`by anonymous auth`
			`by dn="cn=ldapui,ou=applications,$LDAPROOT" write`
			`by dn="$BINDDN" write`
			`by * none`
			`olcAccess: {1}to dn.subtree="$LDAPROOT"`
			`by self read`
			`by dn="cn=ldapui,ou=applications,$LDAPROOT" read`
			`by dn="cn=postfix,ou=applications,$LDAPROOT" read`
			`by dn="cn=mattermost,ou=applications,$LDAPROOT" read`
			`by dn="cn=cloud,ou=applications,$LDAPROOT" read`
			`by dn="cn=mobilizon,ou=applications,$LDAPROOT" read`
			`by dn="$BINDDN" write`
			`by * none`
			`olcAccess: {2}to *`
			`by dn="$BINDDN" write`
			`by * none`