[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: set.regex and substring substitution

To: ronie@ronie.com.br
Subject: Re: set.regex and substring substitution
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Thu, 17 Sep 2009 12:02:23 +0200
Cc: openldap-software@openldap.org
In-reply-to: <4AB19C30.2070605@ronie.com.br>
References: <4AAF932F.3020403@ronie.com.br> <Pine.SOC.4.64.0909151115031.4474@toolbox.rutgers.edu> <4AAFE8D0.8050705@ronie.com.br> <Pine.SOC.4.64.0909161241170.4474@toolbox.rutgers.edu> <4AB19C30.2070605@ronie.com.br>
User-agent: Thunderbird 2.0.0.19 (X11/20090107)

Ronie Gilberto Henrich wrote:

Hi Aaron,

Isn't it the same as setting loglevel 128 (access control list
processing) in /etc/openldap/slapd.conf ?

This is the slapd.access acl:
access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$"
  by set.regex="user/allowedDomain & $2" write


Try

access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$"
  by set.regex="user/allowedDomain & [$2]" write

since the domain, after regex expansion, should be treated as a literal.Moreover,


access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$"
  by set.expand="user/allowedDomain & [$2]" write

should be more appropriate.

p.

Follow-Ups:
- Re: set.regex and substring substitution
  - From: Ronie Gilberto Henrich <ronie@ronie.com.br>

References:
- set.regex and substring substitution
  - From: Ronie Gilberto Henrich <ronie@ronie.com.br>
- Re: set.regex and substring substitution
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- Re: set.regex and substring substitution
  - From: Ronie Gilberto Henrich <ronie@ronie.com.br>
- Re: set.regex and substring substitution
  - From: Aaron Richton <richton@nbcs.rutgers.edu>
- Re: set.regex and substring substitution
  - From: Ronie Gilberto Henrich <ronie@ronie.com.br>

Prev by Date: Re: set.regex and substring substitution
Next by Date: Re: set.regex and substring substitution
Index(es):
- Chronological
- Thread