[Date Prev][Date Next]
Re: regex in group ACL
François Beretti wrote:
One of my access control command in slapd.conf does not work. I would
like to know why.
Here it is :
access to filter="(objectClass=enatelSSOStorage)" dn.regex="*"
Assuming you're using OpenLDAP 2.2, "group.regex" is no longer supported
(as it was doing something completely different from regexec'ing). See
slapd.access(5) for details (and a replacement of what you intend it to do).
Note that even the dn.regex="*" doesn't look so correct to me; I'd
rather use dn.regex=".*".
Finally, in case of match, you should rather use "$0", because "$1"
refers to the first submatch (i.e. enclosed between brackets, and you
don't use any brackets in the dn regex.
So your rule should rather look like
access to filter="(objectClass=enatelSSOStorage)" dn.regex=".*"
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497