Openldap 配置用户权限

新增示例:

change_olcAccess.ldif

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: to * 
    by dn.exact="uid=gitlab,dc=example,dc=com" read
    by dn.exact="uid=jenkins,dc=example,dc=com" read
    by self read
    by self write
    by * auth

ldapmodify -Y EXTERNAL -H ldapi:/// -f change_olcAccess.ldif

更新示例:
dn: olcDatabase={2}hdb,cn=config
changetype: modify
delete: olcAccess
olcAccess: {0}
olcAccess: {1}
-
add: olcAccess
olcAccess: to * by dn.exact="uid=gitlab,dc=example,dc=com" read by * auth
-
add: olcAccess
olcAccess: xxxxxxxx

参考:
https://www.openldap.org/doc/admin24/access-control.html
http://www.361way.com/ldap-adduser-grants/2825.html

你可能感兴趣的:(Openldap 配置用户权限)