
Re: ldap ACLS with regex



<quote who="Jeronimo Zucco">
>     Hi list.
>
>     I'm using openldap 2.3.35 for my mail user database, and I have this
> structure:
>
> uid=user1,ou=People,dc=domain,dc=br
>
> ou=ImpPrefs,uid=user1,ou=People,dc=domain,dc=br
>
> cn=user1,ou=PersonalAddressBook,dc=domain,dc=br
>
>
> I am trying to make ACLs that permit just "self" users to write in their
> ImpPrefs and PersonalAddressBook, without success.
>
> I did not find many examples of ACLs with regex. I tried:
>
>
> access  to dn="^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br"
>         by dn="uid=$1,$2,ou=People,dc=domain,dc=br"        write

Why $1 and $2?

I thought you said your user's DN was:

uid=user1,ou=People,dc=domain,dc=br


>         by *                                            none
>
>
> but this gives me an error.
>
> Can somebody help me?
>
> --
> Jeronimo Zucco
> LPIC-1 Linux Professional Institute Certified
> Núcleo de Processamento de Dados
> Universidade de Caxias do Sul
>
> http://jczucco.blogspot.com
>
>
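
Added example, not part of the original messages and not OpenLDAP code: a small Python model of the regex match and `$n` expansion, run against the DNs from the question to show where the posted rule stops matching. It assumes Python's `re` agrees with slapd's regex engine for these patterns and ignores DN normalization; `IMP_PREFS`, `ADDRESS_BOOK`, `expand` and `grants_write` are hypothetical names, and the two replacement patterns are one possible form, not a tested slapd configuration.

```python
import re

# The rule as posted in the question: (access-to regex, by-clause template).
POSTED = (r"^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br",
          "uid=$1,$2,ou=People,dc=domain,dc=br")

# Hypothetical replacements (assumptions), one per subtree named in the question.
# The address book rule assumes the entry's cn equals the owner's uid.
IMP_PREFS = (r"^(.+,)?ou=ImpPrefs,uid=([^,]+),ou=People,dc=domain,dc=br$",
             "uid=$2,ou=People,dc=domain,dc=br")
ADDRESS_BOOK = (r"^(.+,)?cn=([^,]+),ou=PersonalAddressBook,dc=domain,dc=br$",
                "uid=$2,ou=People,dc=domain,dc=br")


def expand(template, match):
    """Replace $1..$9 in the by clause with groups captured from the target DN."""
    return re.sub(r"\$(\d)",
                  lambda m: match.group(int(m.group(1))) or "", template)


def grants_write(rule, target_dn, bind_dn):
    """Return (granted, reason) for one 'access to <regex> by <dn> write' rule."""
    to_regex, by_template = rule
    m = re.search(to_regex, target_dn, re.IGNORECASE)
    if m is None:
        return False, "target DN does not match the access-to regex"
    expected = expand(by_template, m)
    if expected.lower() != bind_dn.lower():
        return False, "by clause expands to " + expected
    return True, "by clause expands to the bind DN"


if __name__ == "__main__":
    # DNs taken from the question; user2 is constructed for the negative case.
    user1 = "uid=user1,ou=People,dc=domain,dc=br"
    user2 = "uid=user2,ou=People,dc=domain,dc=br"
    prefs = "ou=ImpPrefs,uid=user1,ou=People,dc=domain,dc=br"
    book = "cn=user1,ou=PersonalAddressBook,dc=domain,dc=br"
    cases = [("posted", POSTED, prefs, user1),
             ("posted", POSTED, book, user1),
             ("imp_prefs", IMP_PREFS, prefs, user1),
             ("imp_prefs", IMP_PREFS, prefs, user2),
             ("address_book", ADDRESS_BOOK, book, user1)]
    for name, rule, target, who in cases:
        print(name, target, who, grants_write(rule, target, who))
```
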