[Date Prev][Date Next]
Re: set ACL specification/syntax
On Fri, Mar 6, 2009 at 4:45 PM, Quanah Gibson-Mount <email@example.com> wrote:
> Which ACL is "This ACL"?
access to dn.subtree="ou=group,dc=mydomain"
by set="this/cn & user/uid" write
> Have you turned on acl level debugging to see what exactly is occurring when
> you go to do operations?
Yes, and it is falling right past the above acl and hitting the
catchall for the top of the directory for * read.
> Also, what OpenLDAP release are you using?
Heh, OpenLDAP 2.4.11. Old I know, I've been meaning to go back to a
stable 2.3 for some time, but 2.4.x had certain fixes for the
translucent overlay that I needed, which I don't need anymore.