From: Pierangelo Masarati Date: Thu, 28 Oct 2004 17:53:46 +0000 (+0000) Subject: clearly indicate what the default rules are X-Git-Tag: OPENLDAP_REL_ENG_2_3_0ALPHA~387 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=a9f2f12b9384541523ffdfcad3336e397e6658de;p=openldap clearly indicate what the default rules are --- diff --git a/doc/man/man5/slapd.access.5 b/doc/man/man5/slapd.access.5 index 65818ca726..b17c83afab 100644 --- a/doc/man/man5/slapd.access.5 +++ b/doc/man/man5/slapd.access.5 @@ -52,6 +52,11 @@ directives are defined for a backend or those which are defined are not applicable, the directives from the global configuration section are then used. .LP +If no access controls are present, the default policy +allows anyone and everyone to read anything but restricts +updates to rootdn. (e.g., "access to * by * read"). +The rootdn can always read and write EVERYTHING! +.LP For entries not held in any backend (such as a root DSE), the directives of the first backend (and any global directives) are used. diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index e4aa7d485e..c1a5aa2597 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -79,6 +79,10 @@ actual text are shown in brackets <>. Grant access (specified by ) to a set of entries and/or attributes (specified by ) by one or more requestors (specified by ). +If no access controls are present, the default policy +allows anyone and everyone to read anything but restricts +updates to rootdn. (e.g., "access to * by * read"). +The rootdn can always read and write EVERYTHING! See .BR slapd.access (5) and the "OpenLDAP's Administrator's Guide" for details.