A cloud-native LDAP server backed by a Consul datastore
2020-01-26 19:27:17 +01:00
ldapserver Add ldapserver source in here & add support for client state 2020-01-19 13:00:53 +01:00
.gitignore Begin Go reimplementation of Bottin 2020-01-19 12:49:49 +01:00
acl.go Fix an issue with excluded attributes 2020-01-26 18:57:29 +01:00
config.json Externalize config 2020-01-26 19:27:17 +01:00
main.go Externalize config 2020-01-26 19:27:17 +01:00
README.md Externalize config 2020-01-26 19:27:17 +01:00
ssha.go Add ldapserver source in here & add support for client state 2020-01-19 13:00:53 +01:00
util.go First ACL implementation 2020-01-26 18:42:04 +01:00

ACL examples

// Anybody (before binding) can bind to an entity under ou=users,dc=gobottin,dc=eu
"ANONYMOUS::bind:*,ou=users,dc=gobottin,dc=eu:",
// Anybody (before binding) can bind to the specific admin entity
"ANONYMOUS::bind:cn=admin,dc=gobottin,dc=eu:",
// Anybody who is logged in can read anything that is not a userpassword attribute
"*,dc=gobottin,dc=eu::read:*:* !userpassword",
// Anybody can read and modify anything from their own entry
"*::read modify:SELF:*",
// The admin can read, add, modify, delete anything
"cn=admin,dc=gobottin,dc=eu::read add modify delete:*:*",
// Members of the admin group can read, add, modify, delete anything
"*:cn=admin,ou=groups,dc=gobottin,dc=eu:read add modify delete:*:*"
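
The rules above all have five colon-separated fields. The following is an added example, not code from Bottin's `acl.go`: it parses a rule and checks attribute access, showing why exclusions such as `!userpassword` need to be evaluated first and case-insensitively. The field order (user pattern, required group, actions, target pattern, attributes) is inferred from the comments above, and the names `ACLRule`, `ParseACL`, `AttrAllowed` and the glob matching via `path.Match` are assumptions.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// ACLRule holds one rule. Field meanings are inferred from the README
// comments (assumption); this is not Bottin's acl.go.
type ACLRule struct {
	User, Group, Target      string
	Actions, Attrs, Excluded []string
}

// ParseACL splits "user:group:actions:target:attributes" into five fields.
func ParseACL(s string) (ACLRule, error) {
	f := strings.Split(s, ":")
	if len(f) != 5 {
		return ACLRule{}, fmt.Errorf("ACL %q: want 5 fields, got %d", s, len(f))
	}
	r := ACLRule{User: f[0], Group: f[1], Target: f[3], Actions: strings.Fields(f[2])}
	for _, a := range strings.Fields(strings.ToLower(f[4])) {
		if strings.HasPrefix(a, "!") {
			r.Excluded = append(r.Excluded, a[1:])
		} else {
			r.Attrs = append(r.Attrs, a)
		}
	}
	return r, nil
}

// AttrAllowed checks exclusions first, so "!userpassword" wins over "*".
// LDAP attribute names are case-insensitive, hence the lowercasing.
func (r ACLRule) AttrAllowed(attr string) bool {
	attr = strings.ToLower(attr)
	for _, p := range r.Excluded {
		if ok, _ := path.Match(p, attr); ok {
			return false
		}
	}
	for _, p := range r.Attrs {
		if ok, _ := path.Match(p, attr); ok {
			return true
		}
	}
	return false
}

func main() {
	r, _ := ParseACL("*,dc=gobottin,dc=eu::read:*:* !userpassword")
	fmt.Println(r.Actions, r.AttrAllowed("cn"), r.AttrAllowed("userPassword"))
}
```

A rule with an empty attribute field, such as the two `bind` rules, grants access to no attributes under this reading.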