[cvs] [Wiki] changed: NewLDAPHowTo
Ben Chavet
ben at horde.org
Sat Jun 4 16:48:00 PDT 2005
ben Sat, 04 Jun 2005 16:47:59 -0700
Modified page: http://wiki.horde.org/NewLDAPHowTo
New Revision: 1.18
@@ -16,11 +16,11 @@
We will be using the following standards and assumptions throughout this document. Please adjust accordingly to your situation.
* The LDAP directory is on the same machine we are installing Horde on.
-* LDAP directory security accounts are stored in {{ou=DSA,dc=example,dc=com}}, which already exists.
* The LDAP directory does not allow anonymous binding.
* The LDAP administrative account is {{cn=root,dc=example,dc=com}}.
+* The LDAP directory security accounts will be stored in {{ou=DSA,dc=example,dc=com}}
* !OpenLDAP 2.1.29-1 running on a Fedora Core 2 machine is used for this example.
----
@@ -41,8 +41,12 @@
Put the following in a file named {{horde.ldif}}. Don't worry about the password values just yet, we'll be changing them in a minute. Also, make sure to adjust the //dn// values for your directory.
<code>
+dn: ou=DSA,dc=example,dc=com
+objectclass: organizationalUnit
+ou: DSA
+
dn: cn=horde,ou=DSA,dc=example,dc=com
objectclass: organizationalRole
objectClass: top
objectClass: simpleSecurityObject
@@ -90,11 +94,21 @@
These are the **minimum** directory permissions required for horde to work properly.
<code>
+### ou=DSA Permissions ###
+
access to dn.children="ou=DSA,dc=example,dc=com"
+ attrs=userPassword
+ by self write
by anonymous auth
by * none
+
+access to dn.children="ou=DSA,dc=example,dc=com"
+ by self read
+ by * none
+
+### ou=horde Permissions ###
access to dn.children="ou=horde,dc=example,dc=com"
attrs=userPassword
by dn="cn=horde,ou=DSA,dc=example,dc=com" write
More information about the cvs
mailing list