[Date Prev][Date Next]
Re: slapd and permissions
So, how would the conf directive look like ? Something like:
access to dn.regex="ou=Domains,uid=(.*),ou=Drones,dc=unimatrix-one,dc=org"
by dn.regex="uid=$1,ou=Drones,dc=unimatrix-one,dc=org" write
by * read
And how do i "and to the pseudoattribute "entry" of the entry you want to
On Saturday 10 of April 2004 12:38, Pierangelo Masarati wrote:
> Jernej Kos wrote:
> >Well, i would like that users would be able to add or change all objects
> > below their "Domains".
> you need to explicitly add write access to the pseudo attribute
> "children" of the
> parent entry, and to the pseudoattribute "entry" of the entry you want
> to add.
> See also http://www.openldap.org/faq/data/cache/189.html
> >Where can i get slapd.access of 2.2
> In 2.2 sources; from the CVS; ...
> >(there is only 2.1 on
> >openldap.org site).
> >On Friday 09 of April 2004 15:38, Pierangelo Masarati wrote:
> >>OK. Now you should specify what kind of write access you need and you
> >>don't get
> >>with this ACL. In slapd.acces(5) of 2.2 you'll find a clear description
> >>of the
> >>access level you need to each portion of an entry for each operation.
> >> You should
> >>also indicate what identity you're using; you could look at logging with
> >>level 16 (ACL)
> >>to see whhere in the ACL check your access fails.
> SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497