[Date Prev][Date Next] [Chronological] [Thread] [Top]

set.regex and substring substitution



Hi,

I am trying to grant users access to a ldap object when
user/allowedDomain match the Mail object ou.
To accomplish that I have to use set.regex and substring
substitution, but I was not able to figure out what I am doing wrong.


This is the current ACL:

access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$"
  by set="user/allowedDomain & this/ou" write

result:
=======
"ou=example.com,ou=Mail,o=example,c=BR"	 			= write(=wrscxd)
"mail=test@example.com,ou=example.com,ou=Mail,o=example,c=BR"	= 0



This is the ACL that I am trying to build. It was expecting both
results as = write(=wrscxd), but I am getting only = 0.

access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$"
  by set.regex="user/allowedDomain & $2" write

result:
=======
"ou=example.com,ou=Mail,o=example,c=BR"				= 0
"mail=test@example.com,ou=example.com,ou=Mail,o=example,c=BR"	= 0



Any ideas about what I should do for this to work?


Thanks!
Ronie