[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
2.2.13 - acl : set directive seems not working ?
- To: openldap-bugs@OpenLDAP.org
- Subject: 2.2.13 - acl : set directive seems not working ?
- From: "Y. Zoolinski" <yzoolinski@lavache.com>
- Date: Thu, 13 Jan 2005 14:59:57 +0100
- Organization: Alinto
- User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)
I try to migrate from 2.0.27 (rh) to 2.2.13 (fc2) and I get problem with
my ACL using set directive :
I want to retrieve data by comparing the attribut of the user connected
and records of <my_node>. It seems to not check set rules in the new
version.
ldif exemple :
dn: cn=user,o=example.com
objectclass: <my_own_oc>
department: dept1
dn: o=child1,o=node1,o=example.com
objectclass: <my_own_oc>
department: dept1
acl used (1) :
access to dn.subtree="o=node1,o=example.com"
by set.exact="this/department & user/department" read
I've none error on openldap starting. A ldapsearch return 0 result.
After many test, I also try the following acl, which doesn't work too
acl used (2) :
access to dn.subtree="<my_node>"
by set.exact="this/department & [dept1]" read
In Changelog, I saw the ITS3140 corrected in 2.2.16 but it did not
correspond to my problem, so I think it wouldn't be better with the
lattest release.
Have you any idea ?
Regards