From d98889584e8672a30a0e11fdfca753dfac7be652 Mon Sep 17 00:00:00 2001
From: Jonathan DeMasi <me@jthan.io>
Date: Sat, 24 Jan 2026 15:19:42 -0700
Subject: [PATCH] add more anon acl

---
 ansible/roles/openldap_server/tasks/acls.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ansible/roles/openldap_server/tasks/acls.yaml b/ansible/roles/openldap_server/tasks/acls.yaml
index 5a7e893..dd356e5 100644
--- a/ansible/roles/openldap_server/tasks/acls.yaml
+++ b/ansible/roles/openldap_server/tasks/acls.yaml
@@ -11,6 +11,10 @@
           by self write
           by anonymous auth
           by * none
+        - >-
+          to attrs=uid
+          by anonymous read
+          by * none
         - >-
           to *
           by dn="{{ ldap_admin_dn }}" write