[Date Prev][Date Next] [Chronological] [Thread] [Top]

2.2.13 - acl : set directive seems not working ?

To: openldap-bugs@OpenLDAP.org
Subject: 2.2.13 - acl : set directive seems not working ?
From: "Y. Zoolinski" <yzoolinski@lavache.com>
Date: Thu, 13 Jan 2005 14:59:57 +0100
Organization: Alinto
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

I try to migrate from 2.0.27 (rh) to 2.2.13 (fc2) and I get problem with my ACL using set directive : I want to retrieve data by comparing the attribut of the user connected and records of <my_node>. It seems to not check set rules in the new version.

ldif exemple :
dn: cn=user,o=example.com
objectclass: <my_own_oc>
department: dept1

dn: o=child1,o=node1,o=example.com
objectclass: <my_own_oc>
department: dept1

acl used (1) :
access to dn.subtree="o=node1,o=example.com"
 by set.exact="this/department & user/department" read

I've none error on openldap starting. A ldapsearch return 0 result. After many test, I also try the following acl, which doesn't work too

acl used (2) :
access to dn.subtree="<my_node>"
 by set.exact="this/department & [dept1]" read

In Changelog, I saw the ITS3140 corrected in 2.2.16 but it did not correspond to my problem, so I think it wouldn't be better with the lattest release.

Have you any idea ?
Regards

Follow-Ups:
- Re: 2.2.13 - acl : set directive seems not working ?
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: Re: userPassword ACLs (ITS#3446)
Next by Date: Re: 2.2.13 - acl : set directive seems not working ?
Index(es):
- Chronological
- Thread