Debian
如何正確 ldapmodify 替換 olcAccess 行?
這是 olcDatabase={1}hdb.ldif 的一部分
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by anonymous auth by dn="cn=admin,dc=somesite,dc=com" write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by self write by dn="cn=admin,dc=somesite,dc=com" write by * read我想附加
by dn="cn=anotheruser,ou=Users,dc=somesite,dc=com" write到{0}and{2}行。在我銷毀 LDAP 伺服器之前,以下 LDIF 是否正確?
dn: olcDatabase{1}hdb,cn=config changetype: modify replace: olcAccess olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=somesite,dc=com" write by dn="uid=anotheruser,ou=Users,dc=somesite,dc=com" write by anonymous auth by self write by * none olcAccess: {2}to * by self write by dn="cn=admin,dc=somesite,dc=com" write by dn="cn=anotheruser,ou=Users,dc=somesite,dc=com" write by * read和:
ldapmodify -Y EXTERNAL -H ldapi:/// -f ./changes.ldif我的擔憂是:
- 有 3
olcAccess:行,我沒有包括 {1} 行,所以在送出 ldif 更改後它是否仍然存在- 線路
replace: olcAccess正確嗎?
這個 ldif 對我有用,使用以前的命令
dn: olcDatabase{1}hdb,cn=config changetype: modify replace: olcAccess olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=somesite,dc=com" write by dn="uid=anotheruser,ou=Users,dc=somesite,dc=com" write by anonymous auth by self write by * none olcAccess: {1}to dn.base="" by * read olcAccess: {2}to * by self write by dn="cn=admin,dc=somesite,dc=com" write by dn="cn=anotheruser,ou=Users,dc=somesite,dc=com" write by * read