[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: acl again

To: dietzold@imise.uni-leipzig.de
Subject: Re: acl again
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Thu, 8 Nov 2001 17:56:38 +0100 (MET)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <Pine.GSO.4.40.0111081743400.29376-100000@fink> from Sebastian Dietzold at Nov "8," 2001 "05:45:34" pm

> 
> Hi there,
> 
> ok, the main wattles about regex i check, but why does this rule dont
> work?
> 
> ---
> access to dn="(dc=[^,]+,)*(dc=[^,]+)$"
> 	by group/organizationalRole/roleOccupant="cn=Domain Administrator, ou=Roles, $1 $2" write

Before going into details, remember that ACLs and significantly regexes
operate on NORMALIZED DNs, so you'd write:


access to dn="(dc=[^,]+,)*(dc=[^,]+)$"
    by group/organizationalRole/roleOccupant="cn=Domain Administrator,ou=Roles,$1$2" write


without extra intervening spaces.

Pierangelo.

Follow-Ups:
- Re: acl again
  - From: Sebastian Dietzold <dietzold@imise.uni-leipzig.de>
- Re: acl again
  - From: Stig Venaas <Stig@OpenLDAP.org>

References:
- acl again
  - From: Sebastian Dietzold <dietzold@imise.uni-leipzig.de>

Prev by Date: acl again
Next by Date: RE: Using MD5 passwords with LDAP
Index(es):
- Chronological
- Thread