Skip to main content

Slapd olcAccess (ACL) utility

Project description

slapd acl

slapd olcAccess (ACLs) utility, your olcAccess in a human readable way.




pip3 install slapd_acl


using ldapi and mdb (default behaviour)


specifing a base

slapd_acl -b 'olcDatabase={0}config,cn=config'

using different paramenters

usage: slapd_acl [-h] [-H H] [-Y Y] [-D D] [-w W] [-b B] [-ldif] [-enc ENC]

optional arguments:
  -h, --help  show this help message and exit
  -H H        LDAP URL
  -Y Y        SASL mechanism
  -D D        example cn:admin,dc=example,dc=org
  -w W        the user password
  -b B        Base LDAP Search
  -ldif       print a modify ldif
  -enc ENC    encoding

Modify ldif

-ldif option make the output in a ldif modify format.


root@ldapmaster:~# slapd_acl -ldif
 ldapsearch -Y EXTERNAL -H ldapi:///  -b 'olcDatabase={1}mdb,cn=config' -s base 'olcAccess' -LLL

SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth

dn: olcDatabase={1}mdb,cn=config
changeType: modify
replace: olcAccess
olcAccess: to * 
 by dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage 
 by dn.exact="cn=admin,dc=testunical,dc=it" manage 
 by * break 
olcAccess: to attrs=userPassword,shadowLastChange,mail 
 by self write 
 by anonymous auth 
 by * break 
olcAccess: to * 
 by dn.children="ou=repl,dc=testunical,dc=it" read 
 by * break 
olcAccess: to dn.subtree="ou=people,dc=testunical,dc=it" 
 by dn.children="ou=idp,dc=testunical,dc=it" read 
 by self read 
 by * break 
olcAccess: to * 
 by anonymous auth 
 by * break 


Giuseppe De Marco

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

slapd_acl-0.2.0.tar.gz (2.8 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page