[Date Prev][Date Next]
acls for "remote groups"
- To: <openldap-software@OpenLDAP.org>
- Subject: acls for "remote groups"
- From: "Raissa Dantas Freire de Medeiros" <firstname.lastname@example.org>
- Date: Tue, 14 Jun 2005 17:08:10 -0300
- Content-class: urn:content-classes:message
- Thread-index: AcVxHMliZ/dZLy81RHanwxTBL5U3NA==
- Thread-topic: acls for "remote groups"
Does anybody already needed to grant access to a group of another partition?
Suppose you are on a.com.br server (DN suffix: dc=br). Its acl conf file is:
access to dn.subtree="dc=br"
by group/groupOfNames/member="cn=g1,ou=pb,dc=br" write
by * read
The group cn=g1,ou=pb,dc=br is on another server (suppose b.com.br server, DN suffix: ou=pb,dc=br).
I have noticed slapd ignores the first <who> clause when evaluating acls!!!!
Thanks a lot,