I made a dedicated ldap user to be used by Service-Desk with the following olcAccess :
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {1}to dn.subtree="ou=ppolicies,dc=dom" by dn="cn=bot ldap,ou=users,dc=dom" read by * break
-
add: olcAccess
olcAccess: {2}to dn.subtree="ou=users,dc=dom" attr=userPassword by dn="cn=bot ldap,ou=users,dc=dom" write by * break
-
add: olcAccess
olcAccess: {3}to dn.subtree="ou=users,dc=dom" by dn="cn=bot ldap,ou=users,dc=dom" read by * break
Everything is working well except for the locking/unlocking feature of LDAP accounts.
I can't manage to get the proper access rules for that feature, if anyone could share it, I would be a happy man.
Hello,
I made a dedicated ldap user to be used by Service-Desk with the following olcAccess :
Everything is working well except for the locking/unlocking feature of LDAP accounts. I can't manage to get the proper access rules for that feature, if anyone could share it, I would be a happy man.
thanks