[Date Prev][Date Next]
Group ACLs and indirection
Just wondering, before I go and delve into the code, whether there
was a way of doing group based ACLs in the same way as dnattr allows
indirection on the user DN.
Essentially, I'd like an object to contain an attribute holding the
DN of the group permitted to access that object, and then be able to
do access control based on the user being a member of the group
pointed to by that DN.
I can find an email from Kurt in 1999, suggesting a groupattr
directive be implemented, and welcoming contributions. Would a
contribution of this still be welcomed 9 years later?