[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap ACLS with regex

Subject: Re: ldap ACLS with regex
From: Jeronimo Zucco <jczucco@ucs.br>
Date: Mon, 14 May 2007 15:48:07 -0300
Cc: openldap-software@openldap.org
In-reply-to: <4648A4F6.4050509@ucs.br>
References: <4648A4F6.4050509@ucs.br>
User-agent: Thunderbird 1.5.0.10 (X11/20070403)

Jeronimo Zucco escreveu:

   Hi list.
I'm using openldap 2.3.35 to my mail user database, and I have this structure:
uid=user1,ou=People,dc=domain,dc=br
ou=ImpPrefs,uid=user1,ou=People,dc=domain,dc=br
cn=user1,ou=PersonalAddressBook,dc=domain,dc=br
I try to make ACLs to permit just "self" users to write, in his ImpPrefs and PersonalAddressBook, without success.
I did not find much examples of ACLs with regex, I try to do:
access  to dn="^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br"
       by dn="uid=$1,$2,ou=People,dc=domain,dc=br"        write
       by *                                            none
but this give me an error.
Somebody can help me?

Answer to my self:

access  to dn.regex="^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br$"
       by dn.exact,expand="uid=$1,$2,ou=People,dc=domain,dc=br"   write
       by *                                            none


I'm I right ?

--
Jeronimo Zucco
LPIC-1 Linux Professional Institute Certified
Núcleo de Processamento de Dados
Universidade de Caxias do Sul

http://jczucco.blogspot.com

Follow-Ups:
- Re: ldap ACLS with regex
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- ldap ACLS with regex
  - From: Jeronimo Zucco <jczucco@ucs.br>

Prev by Date: ldap ACLS with regex
Next by Date: Re: Compiling for the Win32 platform?
Index(es):
- Chronological
- Thread