1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
{
"error": null,
"id": 0,
"result": {
"count": 5,
"result": [
"(targetattr != \"userPassword || krbPrincipalKey || sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey\")(version 3.0;acl \"Enable Anonymous access\";allow (read,search,compare) userdn = \"ldap:///anyone\";)",
"(targetattr != \"userPassword || krbPrincipalKey || sambaLMPassword || sambaNTPassword || passwordHistory || krbMKey || ipaUniqueId\")(version 3.0;acl \"Admin can manage any entry\";allow (all) groupdn = \"ldap:///cn=admins,cn=groupss,cn=accounts,dc=dev,dc=example,dc=com\";)",
"(targetattr = \"userPassword || krbPrincipalKey || sambaLMPassword || sambaNTPassword\")(version 3.0;acl \"Self can write own password\";allow (write) userdn = \"ldap:///self\";)",
"(targetattr = \"userPassword || krbPrincipalKey || sambaLMPassword || sambaNTPassword || passwordHistory\")(version 3.0;acl \"Admins can write passwords\";allow (add,delete,write) groupdn = \"ldap:///cn=admins,cn=groups,cn=accounts,dc=dev,dc=example,dc=com\";)",
"(targetattr = \"userPassword || krbPrincipalKey || sambaLMPassword || sambaNTPassword || passwordHistory\")(version 3.0;acl \"Password change service can read/write passwords\";allow (read,write) userdn = \"ldap:///krbprincipalname=kadmin/changepw@DEV.EXAMPLE.COM,cn=DEV.EXAMPLE.COM,cn=kerberos,dc=dev,dc=example,dc=com\";)"
],
"summary": "5 ACIs matched"
}
}
|
