From 4f5cc166e2d2603c3ac7348507ea2e4ab92f5252 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Fri, 4 Nov 2022 22:14:15 +0100
Subject: [PATCH] ldap: re-allow member of the admins group to edit ldap db

---
 conf/slapd/config.ldif | 1 +
 1 file changed, 1 insertion(+)

diff --git a/conf/slapd/config.ldif b/conf/slapd/config.ldif
index 2494229508..89ea91a227 100644
--- a/conf/slapd/config.ldif
+++ b/conf/slapd/config.ldif
@@ -159,6 +159,7 @@ olcAccess: {2}to dn.base=""
 # can read everything.
 olcAccess: {3}to *
     by dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" write
+    by group/groupOfNames/member.exact="cn=admins,ou=groups,dc=yunohost,dc=org" write
     by * read
 #
 olcAddContentAcl: FALSE