[Date Prev][Date Next]
Re: set syntax on acl
> I will try to understand the right syntax for set parameters, but I dont
> find sample.
> I have read this:
> and I write this acl but it dosnt work :((
> am I wrong?
> access to dn.regex="jvd=([^,]+),o=hosting,dc=example,dc=tld$"
> by self write
> by set="user/editAccounts & [true]" write
> by dn.exact="cn=phamm,o=hosting,dc=example,dc=tld" read
> by * none
> I think that the postmaster can search and write on the dn children
> his dn
> Thanks in advance
> My slapd is 2.1.30-3
The ACL syntax looks correct; I don't know what's the syntax of
editAccounts but I guess it doesn't really matter, although I suggest you
use the normalized form "TRUE" if its syntax is boolean, since, as far as
I recall, string comparison in evaluating sets is case sensitive, so the
string you provide will be compared to the string representation of the
value of editAccount.
However, I think the real issue is with the version of slapd you're using:
I'm not sure sets are handled appropriately in 2.1; you should really use
the latest stable 2.2.
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497