Re: ACL - grant access to subtree by regex (solved)

[Philip Guenther <guenther+ldaptech@sendmail.com>]

On Sat, 29 Jun 2013, Ole wrote:
> Am Sat, 29 Jun 2013 19:49:08 +0200
> schrieb Ole <ole@free.de>:
> 
> >   access to dn.regex=".*ou=([^,]+),ou=mail,dc=example,dc=tld$"
> >     by dn.onelevel,expand="ou=admins,ou=$1,ou=mail,dc=example,dc=tld" write
> >     by * break
> 
> Oh sorry, I have to correct this. It is more secure to use:
> 
>   access to dn.regex="^(.+,)?ou=([^,]+),ou=mail,dc=example,dc=tld$"
>     by dn.onelevel,expand="ou=admins,ou=$1,ou=mail,dc=example,dc=tld" write
>     by * break

You changed the number of parentheses, so surely that should be $2 instead 
of $1 in the second line, no?


> please see [1] for explanation.

Error, dangling footnote.


Philip Guenther