[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd.conf acl based on uniqueMember attribute



At 09:32 PM 5/10/01, Gerald Carter wrote:
>Hello,
>
>So far I have searched the archives and existing documentation I can find,
>but only find references to doing the inverse of what I need.  Here's the
>scenario:
>
>I need to create 2 ou's (one for accounts and one for class roles).  User
>accounts follow the standard rfc2307 schema using posixAccount
>objectclass.  Class roles are represented by the groupOfNames objectclass.
>I need to define an ACL in slapd.conf which allows the 'owner' attribute
>value in the groupOfNames write access to the DN's specified by the
>'member' attribute.

access to filter=(objectClass=groupOfNames) attrs=member
  by dnattr=owner write
  ...