diff --git a/roles/slapd/templates/ldap/slapd.conf.j2 b/roles/slapd/templates/ldap/slapd.conf.j2
index b8bd218b99e9921005c124e0a79d6503fed735d9..0d7c7214aa49134f761f9c8babdf9f879d21ccb3 100644
--- a/roles/slapd/templates/ldap/slapd.conf.j2
+++ b/roles/slapd/templates/ldap/slapd.conf.j2
@@ -166,12 +166,6 @@ access to attrs=userPassword,shadowLastChange
         by dn="cn=replicator,dc=crans,dc=org" read
         by * none
 
-access to attrs=loginShell,mail,telephoneNumber
-        by self write
-        by set="[cn=_nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
-        by dn="cn=replicator,dc=crans,dc=org" read
-        by * read
-
 # Ensure read access to the base for things like
 # supportedSASLMechanisms.  Without this you may
 # have problems with SASL not knowing what