[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL filters

At 12:08 AM 7/1/99 -0700, Kurt D. Zeilenga wrote:
>At 05:23 PM 6/30/99 +0200, Emmanuel JEGOU wrote:
>>I try to manage access controls on entries under ou=people,o=Naonet
>>Company,c=fr entry to only one person for the moment.
>>My problem occurs when I want to manage access to entries with the
>>attribut value equal to 'Personnel'. Only the entries that verify this
>>condition can be accessed.
>It looks like Rule 2 should do the trick.  When you tested it was
>it the first rule in slapd.conf?   Remember that only the first
>matched "what" clause of the first matched "who" clause matters.  If
>no "what" clause matches of the first matched "who" clause, the
>default rule is applied.  If no "who" cause matches, the default
>rule is applied.

Yiks... I reversed "what" and "who" in the above.

That is.  Only the first matching (to "what" clause) ACL matters.
And within this ACL, only the first matching (by "who") clause

Sorry if confused anyone.