Symas OpenLDAP Knowledge Base

Using slapacl

 

Using slapacl

slapacl Man Page

Online Use: ✅

Syntax: slapacl <config> -b <baseDN> -D <authcDN> [attr[/access]]

  • The slapacl command is used for testing user access to entries and/or attributes according to their ACL permissions
Option Description
-f <slapd.conf> | -F <slapd.d> The configuration file or directory to use
-b DN The entry to test access to
-D <authcID> The entry to test access for
attr/access An attribute and optional access level to test

Examples

  • Test for read access for the given name attribute for a user by a user:

    slapacl <conf> -b cn=may gaul,ou=accounting,dc=example,dc=com \ 
  -D cn=Rama Ploof,ou=Janitorial,dc=example,dc=com givenName/read

  • Test write access for two attributes:

    slapacl <conf> -b cn=may gaul,ou=accounting,dc=example,dc=com \ 
  -D cn=Rama Ploof,ou=Janitorial,dc=example,dc=com givenName/write sn/write

  • Show access levels for all attributes in an entry:

    slapacl <conf> -b cn=may gaul,ou=accounting,dc=example,dc=com \
  -D cn=Rama Ploof,ou=Janitorial,dc=example,dc=com