[Date Prev][Date Next]
constraints on attributes or number of leaves [long]
I have planed to do a free gtk-libldap gui for an exim-ldap
configuration, to provide a nice interface for end-users that they
manage themselves their mail accounts.
There are different roles that the interface should manage:
- mail admin: can add/remove/modify domain.
- domain admin: can add/remove/modify mail user in his domain.
- mail user: can forward their mail, set aliases, auto-reply and so
There are some constraints that can't be managed by the
- unique constraint on mail attribute value, mail alias
- Max number of mail account per domain, max number of mail alias per
user...(trust no one... except server ACLs)
* For the unique constraint mail/alias, the only way i found is to
use the dn key, for example:
firstname.lastname@example.org alias of email@example.com.
(yes, there is also a circular reference problem, maybe i will have to
try "alias" objectclass , don't know right now )
* For the max number of child/attributes, there is a solution too:
precreate mail accounts with the "mail admin" role for example:
dn: uid=[max number of mail],dc=domain,dc=home
"domain admin" role will not be able to remove a MailAccount anymore, just set
mail attribute value.
But wait... what about the unique constraint ?
This is a catch 22
Any idea ?