On Wed, Dec 16, 2009 at 12:58 PM, Craig White <craigwhite@azapple.com> wrote:
allow           bind_anon_dn

access to attrs=userPassword,sambaNTPassword,sambaLMPassword
       by self write
       by anonymous auth
       by * none

access to dn.regex="^uid=([^,]+)ou=People,dc=azapple,dc=com$$"
       by self read
       by anonymous auth
       by * none

# a bottom catchall rule...
access to *
       by anonymous read
       by * read

access to dn.base="cn=Subschema" by * read


Have all that now..

Had to take out the samba stuff, openldap complained on restart.

[root@ldap home]# getent passwd | grep example
[root@ldap home]#

Still nothing good from getent.

Peter

--
Peter Serwe
http://truthlightway.blogspot.com/