ACL: Combining domain and other <who> directives?


After digging into the admin guide and the FAQ-o-matic I am not yet aware of how to solve this problem:

I only want to allow access to an OpenLDAP 2 server from one domain. Within that domain, some other <who> directives are important in order to allow different access, from none to write. Maybe I am suffering from a total misconception, but I am just missing boolean operators like a "NOT" or an "AND" operator; that's why I can't formulate the rules in OpenLDAP lingo.

In pseudo code, this is what I am after:

access to *
    if (domain == .*.domain.tld) {
        if (self) {
            ...
        } elseif (users) {
            ...
        }
    } else {
        no access at all.
    }

Can anybody help out here?
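One way to express this in slapd.conf, as an added example that is not part of the original post: a single "by" clause may carry more than one <who> selector, and all of them have to match, so prefixing "self" and "users" with the domain selector gives the AND; "by" clauses are tried in order and the first one that matches decides, so a trailing "by * none" is the else branch. The name "domain.tld" is a placeholder for the poster's own domain, and the regex style of the domain selector is an assumption to be checked against the slapd.access(5) of the release in use.

```conf
# Added example, not from the original post.
# "domain.tld" is a placeholder; the domain.regex style is assumed.
#
# Clause 1: client resolves into the domain AND is bound as the entry itself -> write
# Clause 2: client resolves into the domain AND is any authenticated user   -> read
# Clause 3: everyone else (other domains, anonymous binds)                  -> nothing
access to *
        by domain.regex=".*\.domain\.tld$" self write
        by domain.regex=".*\.domain\.tld$" users read
        by * none
```

Note that the domain selector is decided by a reverse DNS lookup of the client's address, so it is only as trustworthy as the DNS the server consults; where the permitted clients live in a known address range, a peername selector on the IP is the firmer choice, and a quick check with ldapsearch from a host outside the domain should return no entries at all.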