[Date Prev][Date Next] [Chronological] [Thread] [Top]

Complex Group ACL "selfwrite" question



I am hoping someone can help with this...

I am setting up an OpenLDAP server for my workplace, and there are some
features which have been requested which I am unsure if LDAP can perform
(properly).

The one feature is the ability to use LDAP with Sendmail.  This appears to
work fine with the 8.10 betas (I need alias support...).

In conjunction with that, we have a couple of mail aliases which we would
like to make open to subscription by users (they would be able to add and
remove themselves from the group).  This I can't figure out - it seems
that specifying:

access to ".*,ou=Aliases,o=VR-1 Inc.,c=US" attr=entry,member
 by dnattr=member selfwrite

per the Admin Guide exaples will only get me the full DN of the user (and
what I really need is to validate vs. their mail attr, and add/remove the
mail attribute without the leading "mail=").  Is there any way to do this?

Lastly (and I apologize for this, but could not find the answer) - are
ACIs available in the latest production version yet?

--
Leslie M. Barstow III  | http://www.faerealm.com/phoenix
phoenix@faerealm.com   |    Linux and Apple][GS links:    computers/
PGP key at www.pgp.com |    Fight junk e-mail abuse!:     computers/spam/
Wow!  It all fits.     |