[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd.conf access statement

This is close to what I was looking for, however the issue is that there are thousands of OU's under the ou=accounts,dc=example,dc=net subtree. I was hoping that there was a way to wildcard, but still be able to use dn.children.

Thank you.
 - Jason Parsons

On Sunday, January 12, 2003, at 06:42 AM, Dieter Kluenter wrote:

access to cn=one,ou=blah.net,ou=accounts,dc=example,dc=net
       by dn.children= "cn=one,ou=blah.net,ou=accounts,
       dc=example,dc=net"  write

could be a possibility, or a bit more sophisticated

access to dn.subtree="cn=one,ou=blah.net,ou=accounts,dc=example,dc=net"
       by dn.children="cn=one,ou=blah.net,ou=accounts,
       dc=example,dc=net" read continue
       by dn.exact="uid=(.*),cn=one,ou=blah.net,ou=accounts,
       dc=example,dc=net" selfwrite continue
       by * none stop

See man (5) slapd.access