summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-09-17 14:55:48 +0100
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-09-17 14:55:48 +0100
commit19606b44245756510d0bea1299145ab4d1c3d758 (patch)
tree71c0e2ba096ca0b91ddf84b61a6177cd3338476c
parent9741b2051c6f36593e4aef5f737aca2833f440a4 (diff)
downloadwebadmin-19606b44245756510d0bea1299145ab4d1c3d758.tar.gz
Correct default set of ACIs for new domain name spaces
-rw-r--r--lib/Auth/LDAP.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 858c422..e15b266 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -1224,7 +1224,7 @@ class LDAP extends Net_LDAP3 {
$_aci,
// Search Access,
- "(targetattr = \"*\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $inetdomainbasedn . "\");)",
+ "(targetattr = \"*\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $inetdomainbasedn . "??sub?(objectclass=*)\");)",
// Service Search Access
"(targetattr = \"*\") (version 3.0;acl \"Service Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $service_bind_dn . "\");)",