[Date Prev][Date Next] [Chronological] [Thread] [Top]

regex in group ACL


One of my access control command in slapd.conf does not work. I would like to know why.

Here it is :

access to filter="(objectClass=enatelSSOStorage)" dn.regex="*" attrs="entry"
by group/enatelSSOAccountDelegation/enatelUserEntityObject.regex="cn=test1,cn=test2,$1" read

in my directory I have :


cn=test1 is an entry of objectClass enatelSSOAccountDelegation, and has "uid=francois,ou=users,dc=..." as a value for its enatelUserEntityObject attribute
cn=test3 is of class enatelSSOStorage

I do a bind as uid=francois, then I try to access cn=test3, and I fail.

But if I don't use regex (if I write the exact DNs), I succeed :
access to dn.exact="cn=test3,uid=denis,ou=Users,dc..." attrs="entry"
by group/enatelSSOAccountDelegation/enatelUserEntityObject="cn=test1,cn=test2,cn=test3,uid=denis,ou=Users,dc=..." read

Why doesn't it works with regex ?

Thank you