Slapd olcAccess(ACL)实用程序
slapd-acl的Python项目详细描述
前交叉韧带
slapd olcAccess(ACLs)实用程序,您的嗅觉以一种人类可读的方式。在
要求
ldap搜索
设置
pip3 install slapd_acl
用法
使用ldapi和mdb(默认行为)
^{pr2}$指定基
slapd_acl -b 'olcDatabase={0}config,cn=config'
使用不同的参数
usage: slapd_acl [-h] [-H H] [-Y Y] [-D D] [-w W] [-b B] [-ldif] [-enc ENC]
optional arguments:
-h, --help show this help message and exit
-H H LDAP URL
-Y Y SASL mechanism
-D D example cn:admin,dc=example,dc=org
-w W the user password
-b B Base LDAP Search
-ldif print a modify ldif
-enc ENC encoding
修改ldif
-ldif
选项使输出为ldif modify格式。在
示例
root@ldapmaster:~# slapd_acl -ldif
Executing:
ldapsearch -Y EXTERNAL -H ldapi:/// -b 'olcDatabase={1}mdb,cn=config' -s base 'olcAccess' -LLL
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: olcDatabase={1}mdb,cn=config
changeType: modify
replace: olcAccess
olcAccess: to *
by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage
by dn.exact="cn=admin,dc=testunical,dc=it" manage
by * break
olcAccess: to attrs=userPassword,shadowLastChange,mail
by self write
by anonymous auth
by * break
olcAccess: to *
by dn.children="ou=repl,dc=testunical,dc=it" read
by * break
olcAccess: to dn.subtree="ou=people,dc=testunical,dc=it"
by dn.children="ou=idp,dc=testunical,dc=it" read
by self read
by * break
olcAccess: to *
by anonymous auth
by * break
作者
朱塞佩·德马尔科
- 项目
标签: