mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

s/2.3/2.4/ and more (ITS#5400)

Browse Source
This commit is contained in:
Pierangelo Masarati 2008-03-01 16:06:37 +00:00
parent 6fd2217a20
commit 26d39eb977
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/man/man5/slapd.access.5
View File

@ -952,7 +952,8 @@ operation, requires
.B search (=s) .B search (=s)
privileges on the privileges on the
.B entry .B entry
pseudo-attribute of the searchBase (NOTE: this was introduced with 2.3). pseudo-attribute of the searchBase
(NOTE: this was introduced with OpenLDAP 2.4).
Then, for each entry, it requires Then, for each entry, it requires
.B search (=s) .B search (=s)
privileges on the attributes that are defined in the filter. privileges on the attributes that are defined in the filter.
@ -998,6 +999,10 @@ privileges are also required on the
attribute of the authorizing identity and/or on the attribute of the authorizing identity and/or on the
.B authzFrom .B authzFrom
attribute of the authorized identity. attribute of the authorized identity.
In general, when an internal lookup is performed for authentication
or authorization purposes, search-specific privileges (see the access
requirements for the search operation illustrated above) are relaxed to
.BR auth .
.LP .LP
Access control to search entries is checked by the frontend, Access control to search entries is checked by the frontend,