Access to pab (Personal Address Book)
Hi,
I am trying to access the personal address book using the following DN:
ou=testuser,ou=People,o=example.com,dc=example,dc=com,o=pab
I am able to connect to this only when i login as a directory manager. But I need to access using the testuser's credentials. Is there way to handle this, because I may not be able to get the credentials of directory manager in production environment?
Thanks and Regards,
Kamal
# 1
Hi,
You can modify the ACI's on the directory server to allow access for other users apart from the directory manager. I recommend that you refer to the various directory guides on how to view/set ACI's.
My install has the following ACI set:
bash-2.05# ldapsearch -b "o=pab" -D "cn=directory manager" -w <password> objectclass=* aci
o=pab
aci=(target="ldap:///o=pab")(targetattr="*")(version 3.0; acl "PAB Administrator access rights"; allow (all) groupdn="ldap:///cn=Messaging End User Administrators Group, ou=Groups, o=isp";)
In this case members of the "cn=Messaging End User Administrators Group, ou=Groups, o=isp" also have read rights, so I could just add another user to this group to get read access.
Regards,
Shane.
