ldap basic

Gordon Messmer yinyang at eburg.com
Wed Feb 22 21:21:02 UTC 2006


Tony Heaton wrote:
> 
> access  to *
>         by * read
>         by dn.base="cn=Manager,dc=frop,dc=net" write
>         by self write
>         by anonymous auth
...
> rootdn          "cn=Manager,dc=frop,dc=net"

Nitpicking: There's no real need to specify that the rootdn can write in 
your ACIs.  The rootdn can always write, regardless of ACIs.

Also, I'd avoid providing examples that would allow users to change 
their own uidNumber value, and thereby become root. ;)
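
A narrower rule set in the same slapd.conf syntax, added here as an illustration and not taken from either poster's configuration: self-write is limited to a named list of attributes, so uidNumber and the other POSIX identity attributes stay read-only. The attribute list is an assumption; adjust it to the schema in use.

```conf
# Constructed example for slapd.conf (not from the original thread).
# Access directives are matched top to bottom, and within a directive the
# "by" clauses are checked in order with the first match ending evaluation,
# so specific rules go before general ones.

# Passwords: the owner may change them, anonymous clients may only use
# them to bind, and nobody else can read the hashes.
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

# Attributes a user may maintain on their own entry.
# (Assumed list; deliberately excludes uidNumber, gidNumber, homeDirectory.)
access to attrs=mail,telephoneNumber
        by self write
        by * read

# Everything else is read-only for all clients. No rootdn clause is needed:
# the rootdn is not subject to access control.
access to *
        by * read
```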



