[Date Prev][Date Next]
Re: [LDAP-SOFTWARE] ACLand regex (matching self)
> > b. Let the one that binds to the database as 'app=qwido'
> > (yes, that entry has
> > it's own userpassword) read the entry app=qwido and anything under it.
> No. 'access to dn="foo=bar"' gives access to exactly one entry "foo=bar"
> and nothing else. If you want to give access to everything under it, use
> access to dn.sub="foo=bar"
My problem is, that it *does* give access to anything under it;
and that also oc=isp001,app=qwido suddenly appears to be able to read the
whole tree. See further details in other message.
> -- Howard Chu
> Chief Architect, Symas Corp. Director, Highland Sun
> http://www.symas.com http://highlandsun.com/hyc
> Symas: Premier OpenSource Development and Support