Re: Access Control between two domains.

["Manilal K M" <libregeek@gmail.com>]

On 18/06/06, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
> At 10:33 PM 6/16/2006, Manilal K M wrote:
> >Hello all,
> >   I have an openldap implementation with a number of domains. Now I
> >need to grant access permission to the Global Address Book of two
> >domains. For example my first domain is alpha and second domain is
> >beta. I want to share the Global Address Book of alpha with beta and
> >vice versa. I have made a simple configuration in
> >/etc/openldap/slapd.conf. Here is the acl:
> >
> >access to dn.regex="ou=Global Address Book,o=alpha,o=com,c=US"
> >       by dn.regex="uid=(.+),ou=People,o=beta,o=com,c=US" read
> >       by * none
> >access to dn.regex="ou=Global Address Book,o=beta,o=com,c=US"
> >       by dn.regex="uid=(.+),ou=People,o=alpha,o=com,c=US" read
> >       by * none
>
> For any target entry matching the above, only the above
> apply.  The "by * none" sees to that.

I am a bit confused. can u explain it?
regards
Manilal