[Date Prev][Date Next]
Re: aci using domain= problem
Do you have reverse name lookups turned on?
With the 2.0 stuff I think its a compile time option, although
I could be wrong I havent played with 2.0.x in a while.
On Fri, Jan 03, 2003 at 10:23:08AM -0600, Curtis J Blank wrote:
> I was told I have to post this here.
> I'm trying to use an aci to restrict attributes to certain machines, it
> doesn't seem to work. No machines can see the attributes including the
> machines we want to see them. This is the rule:
> access to
> self write
> dn="uid=coredb,ou=people,o=uwm.edu" write
> domain=.*\.csd\.uwm\.edu read
> It's pretty much right out of the 2.0 Admin manual. Am I restricted to
> only using edu.com in the domain field and not csd.edu.com? If the last
> "by" entry is "* read" they can be seen, but that is not what we want. I
> also added a "by * none" at the end, that made no difference. and I
> tried enclosing .*\.csd\.uwm\.com in double quotes i.e.
> ".*\.csd\.uwm\.com" to noavail. I've tried this on 2.0.23, 2.0.25, and
> 2.0.27, all with the same results.
> And one last question, can I put an actual machine name in i.e.
> machine1.csd.uwm.edu? That's actually what I would like to do.
Information and Communication Technologies
New Mexico State University
Email: firstname.lastname@example.org Phone: 505-646-6034 Fax: 505-646-4560