[Date Prev][Date Next]
Re: apping ACLs to groupmembers
On Sun, Mar 06, 2005 at 09:50:55AM +0100, Dieter Kluenter wrote:
> Andreas Schuldei <email@example.com> writes:
> > * Dieter Kluenter (firstname.lastname@example.org) [040117 17:44]:
> >> Andreas Schuldei <email@example.com> writes:
> >> If you are looking for access control not based on subtrees but on
> >> entries you should try aci's.
> > this has become a issue again and still needs solving.
> > to clarify:
> > members in group A can write to certain attributes of entries in group B.
> > members in group C can write to certain attributes of entries in group A and B.
> > the groups are hybrids of posixGroup and groupOfNames.
> Read man slapd.access(5), there are some samples on attributelists.
> Furthermore this could be achieved with set, for sample configuration
> search the the archive, as Ando has mailed a few examples lately. The
> following faqs may help as well.
i tried and think the search engine is not playing along:
can you please give some more search phrases to use?
i am reading up on sets now, but dont see yet how they can help
me to limit access based on group membership in the subject and
the object. note that i mean user's membership in posixGroups or