[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: groups in access directive

Basic group behavior is same between 1.2 and 2.0, so
the following should provide enough to get started

As for ACIs, they are quite experimental and not
yet documented anywhere (excepting maybe the archives
of this or the -devel mailing list).


At 12:21 PM 10/5/00 +0200, Joeri van Ruth wrote:
>According to the OpenLDAP 2.0 administrators guide, the <who>
>clause of an access directive looks like this:
><who> ::= [* | anonymous | users | self |
>        dn[.<subject style>]=<regex>]
>        [dnattr=<attrname> ]
>        [group[/<objectclass>[/<attrname>][.<basic style>]]=<regex> ]
>        [peername[.<basic style>]=<regex>]
>        [sockname[.<basic style>]=<regex>]
>        [domain[.<basic style>]=<regex>]
>        [sockurl[.<basic style>]=<regex>]
>        [set=<setspec>]
>        [aci=<attrname>]
>Unfortunately, it does not explain the use of the GROUP and
>ACI options.
>Does anybody here know how they work?