[Date Prev][Date Next]
Re: "dynamic" acls
Quanah Gibson-Mount wrote:
--On Wednesday, January 21, 2004 8:33 PM +0100 Alexander Blüm
is it possible to apply new acl rules without restarting slapd?
like disallowing some users acces to a certain branch of the ldap
That is not possible at this time with ACL's.
One thing you can do, however, is set up an ACL which applies the
rule you would like to a certain *group* in the LDAP tree, and then
add users to that group. Not quite as dynamic as you might like,
but you can use it to achieve the desired effect under certain
circumstances. You have to have a good idea beforehand, however,
of how your tree will be arranged, and what "permissions" you
want to apply.