.LP
The keyword
.B anonymous
-means access is granted to unauthenticated users; it is moslty used
+means access is granted to unauthenticated clients; it is mostly used
to limit access to authentication resources (e.g. the
.B userPassword
-attribute) to unauthenticated users for authentication purposes.
+attribute) to unauthenticated clients for authentication purposes.
.LP
The keyword
.B users
-means access is granted to authenticated users.
+means access is granted to authenticated clients.
.LP
The keyword
.B self
authentication/authorization operations (e.g.
.BR bind )
with no other access.
-This is useful to grant unauthenticated users the least possible
+This is useful to grant unauthenticated clients the least possible
access level to critical resources, like passwords.
.LP
The
.fi
.LP
which grants everybody search and compare privileges, and adds read
-privileges to authenticated users.
+privileges to authenticated clients.
.SH FILES
.TP
ETCDIR/slapd.conf
<style> ::= exact | base | one | subtree | children | regex | anonymous
.RE
-.B Anonymous
-is hit when a search is performed without prior binding;
+The term
+.B anonymous
+matches all unauthenticated clients.
+the term
.B users
-is hit when a search is performed by a successfully bound user;
+matches all authenticated clients;
otherwise a
.B regex
dn pattern is assumed unless otherwise specified by qualifying
projects / openldap / commitdiff