From 468c8ee2d5da809256fc774c6e69297a6b073112 Mon Sep 17 00:00:00 2001 From: Quanah Gibson-Mount Date: Mon, 17 Jun 2019 14:50:13 +0000 Subject: [PATCH] ITS#9003 Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy --- doc/man/man5/slapd-ldap.5 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/man/man5/slapd-ldap.5 b/doc/man/man5/slapd-ldap.5 index 88cffbe94b..410db8c604 100644 --- a/doc/man/man5/slapd-ldap.5 +++ b/doc/man/man5/slapd-ldap.5 @@ -203,14 +203,16 @@ if defined, selects what identities are authorized to exploit the identity assertion feature. The string .B -follows the rules defined for the +mostly follows the rules defined for the .I authzFrom attribute. See .BR slapd.conf (5), section related to .BR authz\-policy , -for details on the syntax of this field. +for details on the syntax of this field. This parameter differs from +the documented behavior in relation to the meaning of *, which in this +case allows anonymous rather than denies. .HP .hy 0 -- 2.47.2