[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL based on superior entry



"Dieter Kluenter" <dieter@dkluenter.de> writes:

> Michael Ströder <michael@stroeder.com> writes:
>
>> HI!
>>
>> Is it possible to grant access in an ACL by a certain attribute value of the
>> superior entry?
>>
>> I'd like to be able to disable bind for users based on a status flag in the
>> container entry under which all user entries reside.
>
> sets come to my mind. Something like
> access to cn=something
>        by user & [cn=other\attributetype & value]

oops, the magic word set is missing, so
access to cn=something
by set="user & [cn=other\attributety0 & value]"

> more on sets at http://www.openldap.org/faq/data/cache/1133.html


-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E