dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: to attrs="userPassword"
  by ssf=128 group/groupOfEntries="cn=admins,ou=groups,o=tutorial" =w
  by ssf=128 dn="cn=ixldap01.example.com,o=ix tutorial,st=musterland,c=de" read
  by ssf=128 dn="cn=ixldap02.example.com,o=ix tutorial,st=musterland,c=de" read
  by ssf=128 self =w
  by ssf=128 anonymous auth
olcAccess: to attrs="l,st,street,telephoneNumber"
  by ssf=128 group/groupOfEntries="cn=admins,ou=groups,o=tutorial" manage
  by ssf=128 dn="cn=ixldap01.example.com,o=ix tutorial,st=musterland,c=de" read
  by ssf=128 dn="cn=ixldap02.example.com,o=ix tutorial,st=musterland,c=de" read
  by ssf=128 self write
  by ssf=128 * read
olcAccess: to attrs="objectClass,cn,description,displayName,gecos,gidNumber,
 givenName,homeDirectory,initials,loginShell,mail,member,memberOf,ou,sn,uid,
 uidNumber,entry"
  by ssf=128 group/groupOfEntries="cn=admins,ou=groups,o=tutorial" manage
  by ssf=128 users read
olcAccess: to *
  by ssf=128 group/groupOfEntries="cn=admins,ou=groups,o=tutorial" manage
  by ssf=128 dn="cn=ixldap01.example.com,o=ix tutorial,st=musterland,c=de" read
  by ssf=128 dn="cn=ixldap02.example.com,o=ix tutorial,st=musterland,c=de" read
  by * none

