[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: multiple conditions in ACL

To: openldap-software@OpenLDAP.org
Subject: Re: multiple conditions in ACL
From: DEVRIENDT ERIK <erik.devriendt@siemens.com>
Date: Tue, 23 Dec 2003 12:44:46 +0100

I wrote
>I want to give write access to a group object 'g1' (groupOfUniqueNames)
>only to people that are member of that group AND are member of
>another group 'admin'.
>How do I formulate that in an ACL ?

Many thanks to all that have replied.

In the mean while, I tried out ACLS with sets.
I used following ACL successfully:

access to dn.base="ou=gl,dc=example,dc=com"
	by set="user & this/uniqueMember &
[ou=admin,dc=example,dc=com]/uniqueMember" write
	by * read

Erik Devriendt
Project Engineer

Siemens n.v./s.a. 
EIT-ES5
Tel. ++32 2-536.48.56 
Fax ++32 2-536.28.80 

mailto:Erik.Devriendt@siemens.com
http://www.siemens.be

Prev by Date: relocation error : rewrite_info_init
Next by Date: RE: relocation error : rewrite_info_init
Index(es):
- Chronological
- Thread