
Re: ldap ACLS with regex

Jeronimo Zucco wrote:
   Hi list.

I'm using OpenLDAP 2.3.35 for my mail user database, and I have this structure:




I am trying to make ACLs that permit just "self" users to write in their ImpPrefs and PersonalAddressBook, without success.

I did not find many examples of ACLs with regex. I tried this:

access to dn="^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br" by dn="uid=$1,$2,ou=People,dc=domain,dc=br" write by * none

but this gives me an error.

Can somebody help me?

Answer to myself:

access  to dn.regex="^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br$"
       by dn.exact,expand="uid=$1,$2,ou=People,dc=domain,dc=br"   write
       by *                                            none

Am I right?

Jeronimo Zucco
LPIC-1 Linux Professional Institute Certified
Núcleo de Processamento de Dados
Universidade de Caxias do Sul
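
The matching and substitution that the dn.regex / dn.exact,expand rule above relies on, modeled in Python as an added example (not part of the original message and not OpenLDAP code). The sample DNs, the "ou=staff" container and the function names are assumptions, and Python's re module stands in for the POSIX regexes slapd uses.

```python
import re

# Target pattern and "by" template copied from the ACL in the post.
TARGET = r"^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br$"
WHO = "uid=$1,$2,ou=People,dc=domain,dc=br"

# Constructed sample DNs; "ou=staff" and the entry names are assumptions,
# since the directory layout is not shown in the post.
JOE = "uid=joe,ou=staff,ou=People,dc=domain,dc=br"
ANA = "uid=ana,ou=staff,ou=People,dc=domain,dc=br"
BOOK = "cn=friend,ou=PersonalAddressBook," + JOE
FLAT = "ou=ImpPrefs,uid=joe,ou=People,dc=domain,dc=br"  # user directly under ou=People


def expand(template, match):
    """Replace $1..$9 with the submatches captured from the target DN."""
    return re.sub(r"\$(\d)", lambda m: match.group(int(m.group(1))), template)


def access(bound_dn, target_dn):
    """Return 'write', 'none', or None when this rule does not cover target_dn.

    Simplification (assumption): DNs are compared as plain strings, ignoring
    case, instead of going through slapd's DN normalization.
    """
    m = re.match(TARGET, target_dn, re.IGNORECASE)
    if m is None:
        return None  # not matched: slapd moves on to the next "access to" rule
    who = expand(WHO, m)  # e.g. uid=joe,ou=staff,ou=People,dc=domain,dc=br
    return "write" if bound_dn.lower() == who.lower() else "none"


if __name__ == "__main__":
    for bound, target in [(JOE, BOOK), (ANA, BOOK), (JOE, JOE), (JOE, FLAT)]:
        print(f"bind={bound}\n  target={target}\n  -> {access(bound, target)}")
```

Two cases fall outside the rule in this model: the user's own entry (nothing precedes `uid=`) and a user placed directly under ou=People (the `,(.*),` part needs one more RDN), so other rules decide access for them. On a real server, slapacl(8) evaluates the configured ACLs for a given bind DN and target entry.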