[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACLs, regex, negative lookahead

Hi all,

I am trying to use a negative lookahead regex for my peername.regex:

access to dn.one="ou=people,dc=example,dc=com" attrs=ou,telephoneNumber,vacationinfo,vacationstart,vacationend
        by group.exact="cn=admin1,ou=Group,dc=example,dc=com" write
	by peername.regex="^(?!$|$|$|$).*"  read
        by group.exact="cn=admin2,ou=Group,dc=example,dc=com" write
        by self write
        by users read
        by anonymous read

What I am trying to accomplish is for all IPs except,, and give only read access.

But when I restarted slapd I got the following message:
Starting OpenLDAP: slapd/etc/openldap/slapd.conf: line 166: regular expression "^(?!$|$|$|$).*" bad because of Invalid preceding regular expression

I tested this regex in a simple Perl script and it did work.

Does someone know what is wrong with this regex?

I would really appreciate it.

Thanks in advance.

Attachment: signature.asc
Description: This is a digitally signed message part