From 859dbe1398dfc53f407d058177fcf2bfafea21a8 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 15 Oct 1999 20:34:42 +0000 Subject: [PATCH] Change the defaultaccess to 'auth' Set defaultaccess to 'read' in distribution slapd.conf and add warnings Set schemacheck to 'on' in distribution slapd.conf and add warnings --- servers/slapd/config.c | 2 +- servers/slapd/slapd.conf | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/servers/slapd/config.c b/servers/slapd/config.c index fa546aac22..abb5dab945 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -27,7 +27,7 @@ int defsize = SLAPD_DEFAULT_SIZELIMIT; int deftime = SLAPD_DEFAULT_TIMELIMIT; AccessControl *global_acl = NULL; -int global_default_access = ACL_READ; +int global_default_access = ACL_AUTH; int global_readonly = 0; char *replogfile; int global_lastmod = ON; diff --git a/servers/slapd/slapd.conf b/servers/slapd/slapd.conf index 59be805b5b..e20c277be2 100644 --- a/servers/slapd/slapd.conf +++ b/servers/slapd/slapd.conf @@ -5,8 +5,13 @@ # include %SYSCONFDIR%/slapd.at.conf include %SYSCONFDIR%/slapd.oc.conf -schemacheck off +# Using ACLs to control access is wise. When ACLs are used, +# "defaultaccess none" is recommended (default is 'auth'). +defaultaccess read + +# Do not enable referrals until AFTER you have a working directory +# service AND an understanding of referrals. #referral ldap://root.openldap.org pidfile %LOCALSTATEDIR%/slapd.pid -- 2.39.5