[Freeipa-users] read-only service account - aci

Prashant Bapat prashant at apigee.com
Tue Mar 15 03:28:46 UTC 2016


Anyone?

On 11 March 2016 at 22:12, Prashant Bapat <prashant at apigee.com> wrote:

> Hi,
>
> I'm trying to use IPA's LDAP server as the user database for an external
> application.
>
> I have created a service account from the LDIF below.
>
>
> dn: uid=srv-ro,cn=sysaccounts,cn=etc,dc=example,dc=com
> changetype: add
> objectclass: account
> objectclass: simplesecurityobject
> uid: srv-ro
> userPassword: changeme!
> passwordExpirationTime: 20380119031407Z
> nsIdleTimeout: 0
>
>
> This works fine. My question is: what's the ACI associated with this new
> user? Does this user have read-only access to everything in LDAP? Or
> should I add/tune the ACI?
>
> Thanks.
> --Prashant
>