[Date Prev][Date Next] [Chronological] [Thread] [Top]

Group membership ACLs

To: openldap-software@OpenLDAP.org
Subject: Group membership ACLs
From: Jerry Haltom <wasabi@larvalstage.net>
Date: 30 Apr 2003 21:28:58 -0500
Organization:

I have a group object, cn=admins,ou=groups,dc=feedbackplusinc,dc=com.
It is of objectClass posixGroup. It is used for unix authentication and
such. Understandable. Members are listed in it by user id, in the
memberUid attribute.

I want to create a regular expression ACL to assign a certain right when
binding as an object whose uid attribute is contained in this admins
group.

Basically, group permissions on ACLs.

I also want to avoid hopefully creating duplicate items, or duplicate
user listings. It would be nice to have this one memberUid attribute all
that needs to be modified to add somebody into the group.

Is this doable? I looked into groupOfNames, but was unable to get it to
work. I was thinking a regular expression might be more appropiate. Has
anybdoy managed to accomplish this?

Thanks!

Jerry Haltom
Feedback Plus, Inc.

Follow-Ups:
- Re: Group membership ACLs
  - From: Christian Jung <Christian.Jung@wanadoo.fr>

Next by Date: Re: Performance issues
Index(es):
- Chronological
- Thread