access to dn.base=""
    by * read
    by group.exact="cn=Admins,{{ base_dn }}" manage

access to attrs=entry
     by * read

access to attrs=userPassword
    by self write
    by anonymous auth

access to dn.subtree="ou=Hackers,{{ base_dn }}"
    by self write
    by dn.subtree="ou=Services,{{ base_dn }}" read