[Date Prev][Date Next]
dnattr access rule
I need to grant access to an entry (and its children) to another entry
of my ldap that is listed in a specific attribute.
This entry has a seeAlso attribute, which contains the DN of a user able
to modify it.
I want to make uid=bar,ou=users able to modify cn=foo,ou=people and able
to add children to it. The following access rule doesn't seem to be right:
access to dn="^.*cn=([^,]+),ou=people,dc=domain,dc=tld$"
by dnattr=seeAlso write
by * none
Can you give me help for this please? Thanks for feedback.