[Freeipa-users] read-only service account - aci
Prashant Bapat
prashant at apigee.com
Fri Mar 11 16:42:49 UTC 2016
Hi,
I'm trying to use IPA's LDAP server as the user data base for an external
application.
I have created a service account from ldif below.
dn: uid=srv-ro,cn=sysaccounts,cn=etc,dc=example,dc=com
changetype: add
objectclass: account
objectclass: simplesecurityobject
uid: system
userPassword: changeme!
passwordExpirationTime: 20380119031407Z
nsIdleTimeout: 0
This works fine. My question is whats the ACI associated with this new
user? Does this user have read-only access to everything in LDAP ? Or
should I add/tune the ACI.
Thanks.
--Prashant
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160311/b2ee760b/attachment.htm>
More information about the Freeipa-users
mailing list