lastmod on
# owner writeable
-access to attrs=userPassword,sshrsaauthkey
+access to attrs=userPassword,sudoPassword,sshrsaauthkey
by group="cn=LDAP Administrator,ou=users,@@DN@@" write
by dn="uid=sshdist,ou=users,@@DN@@" write
- by self write
+ by self read
by * compare
# debian readable