Thread: ZCS 6.0 rc1 samba integration problem
View Single Post
  #10 (permalink)  
Old 09-21-2009, 01:01 PM
peracchi peracchi is offline
Intermediate Member
  
Posts: 24
Default
Hi quanah!

I have made copy/paste from UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 ( UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0 - Zimbra :: Wiki )

From that page:

Code:
dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by * read
-
add: olcAccess
olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by * read

dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcAccess
olcAccess: {10}to dn.subtree="dc=gregzimbra1,dc=zimbra,dc=com"  by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=gregzimbra1,dc=zimbra,dc=com"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=gregzimbra1,dc=zimbra,dc=com"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
olcAccess: {13}to dn.subtree="ou=people,dc=gregzimbra1,dc=zimbra,dc=com"  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read  by * none
Then I done at zimbra:

Code:
echo "
dn: olcDatabase={2}hdb,cn=config
changetype:modify
delete: olcAccess
olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by * read
-
add: olcAccess
olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write  by * read

dn: olcDatabase={2}hdb,cn=config
changetype:modify
add: olcAccess
olcAccess: {10}to dn.subtree="dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {11}to dn.subtree="ou=machines,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {12}to dn.subtree="ou=groups,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
olcAccess: {13}to dn.subtree="ou=people,dc=example,dc=com" by dn.children="cn=admins,cn=zimbra" write by dn.exact="uid=zmposixroot,cn=appaccts,cn=zimbra" write by dn.exact="uid=zmposix,cn=appaccts,cn=zimbra" read by * none
" | tee /tmp/acl.ldif

ldapmodify -f /tmp/acl.ldif -x -H ldapi:/// -D cn=config -W
Reply With Quote