From a9f2f12b9384541523ffdfcad3336e397e6658de Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Thu, 28 Oct 2004 17:53:46 +0000 Subject: [PATCH] clearly indicate what the default rules are --- doc/man/man5/slapd.access.5 | 5 +++++ doc/man/man5/slapd.conf.5 | 4 ++++ 2 files changed, 9 insertions(+) diff --git a/doc/man/man5/slapd.access.5 b/doc/man/man5/slapd.access.5 index 65818ca726..b17c83afab 100644 --- a/doc/man/man5/slapd.access.5 +++ b/doc/man/man5/slapd.access.5 @@ -52,6 +52,11 @@ directives are defined for a backend or those which are defined are not applicable, the directives from the global configuration section are then used. .LP +If no access controls are present, the default policy +allows anyone and everyone to read anything but restricts +updates to rootdn. (e.g., "access to * by * read"). +The rootdn can always read and write EVERYTHING! +.LP For entries not held in any backend (such as a root DSE), the directives of the first backend (and any global directives) are used. diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index e4aa7d485e..c1a5aa2597 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -79,6 +79,10 @@ actual text are shown in brackets <>. Grant access (specified by ) to a set of entries and/or attributes (specified by ) by one or more requestors (specified by ). +If no access controls are present, the default policy +allows anyone and everyone to read anything but restricts +updates to rootdn. (e.g., "access to * by * read"). +The rootdn can always read and write EVERYTHING! See .BR slapd.access (5) and the "OpenLDAP's Administrator's Guide" for details. -- 2.39.5