[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL questsion about "by group"

To: openldap-software@OpenLDAP.org
Subject: Re: ACL questsion about "by group"
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Fri, 19 Nov 2004 17:38:46 +0100
In-reply-to: <200411191051.13403.misty@borkholder.com> (Misty Stanley-Jones's message of "Fri, 19 Nov 2004 10:51:13 -0500")
References: <200411191051.13403.misty@borkholder.com>
User-agent: Gnus/5.1002 (Gnus v5.10.2) XEmacs/21.4 (Rational FORTRAN, linux)

Misty Stanley-Jones <misty@borkholder.com> writes:

> I am sure I'm not understanding this right.  What I would like to do is grant 
> access based on membership in a posixGroup entry.  I am not seeming to get 
> the syntax right.  I've tried doing:
>
> access to <resource>
> 	by group="cn=PosixGroup,dc=mycompany,dc=com" write
>
> That group contains three memberUID entries.  The ACL is not working though.
>
> I read slapd.access carefully and even tried:
> by group/posixGroup/memberUID="cn=PosixGroup,dc=mycompany,dc=com" write
>
> But that one doesn't work either.  I'm thinking I am probably not 
> understanding some of the conventions used in the man page.  Any help would 
> be great!

How is the value for the attribute memberUID passed to slapd when
authenticating? 

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:01443B53

Follow-Ups:
- are mulivalued attributes really unordered?
  - From: John Woodell <woodie@worldpac.com>

References:
- ACL questsion about "by group"
  - From: Misty Stanley-Jones <misty@borkholder.com>

Prev by Date: Re: ACL questsion about 'by group'
Next by Date: Automount issue with uppercase mountpoints
Index(es):
- Chronological
- Thread