problem with posixGroup in ACL


I have seen this question asked before, but never saw an answer: http://www.openldap.org/lists/openldap-software/200303/msg00164.html

I am attempting to use an LDAP group in an ACL, to permit write access for members of a specific group.

I am using the following ACL:

  access to *
     by group/posixGroup/memberUid="cn=admin,cn=groups,dc=example,dc=edu" write
     by * read

I am getting the following error when running /usr/local/libexec/slapd -d65535:

  /usr/local/etc/openldap/slapd.conf: line 58: group "cn=admin,cn=groups,dc=fandm,dc=edu": inappropriate syntax:

This is working in specific Apple releases of OpenLDAP for Mac OS X Server, but not in the OpenLDAP release 2.1.22.

Can anyone help clue me in to the problem here? Is there a specific patch available to make this work?