olcDatabase={1}hdb.ldif의 일부입니다.
olcAccess: {0}to attrs=userPassword,shadowLastChange
by self write
by anonymous auth
by dn="cn=admin,dc=somesite,dc=com" write
by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to *
by self write
by dn="cn=admin,dc=somesite,dc=com" write
by * read
and 라인 by dn="cn=anotheruser,ou=Users,dc=somesite,dc=com" write에 추가하고 싶습니다 .{0}{2}
LDAP 서버를 파괴하기 전에,다음 LDIF가 맞나요?
dn: olcDatabase{1}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=somesite,dc=com" write
by dn="uid=anotheruser,ou=Users,dc=somesite,dc=com" write
by anonymous auth
by self write
by * none
olcAccess: {2}to *
by self write
by dn="cn=admin,dc=somesite,dc=com" write
by dn="cn=anotheruser,ou=Users,dc=somesite,dc=com" write
by * read
와 함께:ldapmodify -Y EXTERNAL -H ldapi:/// -f ./changes.ldif
내 우려 사항은 다음과 같습니다.
- 3개 줄이 있습니다
olcAccess:. {1} 줄을 포함하지 않았으므로 ldif 변경 사항을 커밋한 후에도 계속 남아 있을까요? - 줄 이
replace: olcAccess맞나요?
답변1
이 ldif는 이전 명령으로 나에게 효과적이었습니다.
dn: olcDatabase{1}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange
by dn="cn=admin,dc=somesite,dc=com" write
by dn="uid=anotheruser,ou=Users,dc=somesite,dc=com" write
by anonymous auth
by self write
by * none
olcAccess: {1}to dn.base="" by * read
olcAccess: {2}to *
by self write
by dn="cn=admin,dc=somesite,dc=com" write
by dn="cn=anotheruser,ou=Users,dc=somesite,dc=com" write
by * read