From 27891173972ee0012ecaedc8ca9e9284edc47b28 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Sun, 16 Feb 2020 11:31:56 +0100 Subject: [PATCH] Allow service accounts to read everything including userpassword (used by Dovecot) --- consul/configuration/directory/bottin/config.json | 1 + 1 file changed, 1 insertion(+) diff --git a/consul/configuration/directory/bottin/config.json b/consul/configuration/directory/bottin/config.json index 37b5236..27351f4 100644 --- a/consul/configuration/directory/bottin/config.json +++ b/consul/configuration/directory/bottin/config.json @@ -9,6 +9,7 @@ "ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:", "ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:", "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*", + "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::read:*:*", "*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=invitations,dc=deuxfleurs,dc=fr:*", "ANONYMOUS::bind:*,ou=invitations,dc=deuxfleurs,dc=fr:",