zoukankan      html  css  js  c++  java
  • ldap/sldap

    给新建的账户赋权限也是通过修改配置文件/etc/openldap/slapd.conf来实现,具体的增加的内容如下:

    如上面示例中就定义了两个用户,一个是只读用户cn=bbs,dc=361way,dc=com和一个可写用户cn=bbsadmin,dc=361way,dc=com 以及这两个用户对所列的字段、正则匹配的用户有相应的权限 。

    # Personal LDAP address book.
    access to dn.regex="cn=[^,]+,mail=([^,]+)@([^,]+),ou=Users,domainName=([^,]+),o=domains,dc=361way,dc=com$"
        by anonymous                    none
        by self                         none
        by dn.exact="cn=bbs,dc=361way,dc=com"   read
        by dn.exact="cn=bbsadmin,dc=361way,dc=com"  write
        by dn.regex="mail=$1@$2,ou=Users,domainName=$3,o=domains,dc=361way,dc=com$" write
        by users                        none
    # Allow users to change their own passwords and mail forwarding addresses.
    access to attrs="userPassword,mailForwardingAddress"
        by anonymous    auth
        by self         write
        by dn.exact="cn=bbs,dc=361way,dc=com"   read
        by dn.exact="cn=bbsadmin,dc=361way,dc=com"  write
        by users        none
    # Allow to read others public info.
    access to attrs="cn,sn,gn,givenName,telephoneNumber"
        by anonymous    auth
        by self         write
        by dn.exact="cn=bbs,dc=361way,dc=com"   read
        by dn.exact="cn=bbsadmin,dc=361way,dc=com"  write
        by users        read

  • 相关阅读:
    linux执行命令并获取结果(system)
    awk----基本用法
    shell用法总结
    autoit(au3)使用说明
    博客搜集
    vi常用快捷键总结
    python简单学------------程序传参数,列表推导式,set、list、tuple 转换
    python简单学------------模块
    python简单学------------python面向对象(3)
    python简单学------------python面向对象(2)
  • 原文地址:https://www.cnblogs.com/SZLLQ2000/p/10766298.html
Copyright © 2011-2022 走看看