2023-01-27 04:26:29 +00:00
|
|
|
# At the moment we want to override osixia/ldap to enable anonymous reads
|
|
|
|
dn: olcDatabase={1}{{ LDAP_BACKEND }},cn=config
|
|
|
|
changetype: modify
|
|
|
|
delete: olcAccess
|
|
|
|
-
|
|
|
|
add: olcAccess
|
|
|
|
olcAccess: to * by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break
|
2023-03-31 04:57:12 +00:00
|
|
|
olcAccess: to attrs=userPassword,shadowLastChange by self read by dn="cn=admin,{{ LDAP_BASE_DN }}" write by anonymous read by * read
|
2023-01-27 04:26:29 +00:00
|
|
|
olcAccess: to * by self read by dn="cn=admin,{{ LDAP_BASE_DN }}" write by * read
|