[Date Prev][Date Next]
Re: ACLs based on attributes?
Jaap Winius <firstname.lastname@example.org> writes:
> Quoting Quanah Gibson-Mount <email@example.com>:
>> Blah, I was thinking this in the wrong direction. Sets are likely what
>> you need. I think the syntax would be more
>> by set.exact="user/title=telephonemanager" write
> This looks great, but I've tested it (with slapd v2.4.11) and
> unfortunately it doesn't want to work. Could there any special
> requirements that might be necessary before sets can be used?
this rule should do the trick:
access to dn.regex="cn=([^,]+),ou=whatsoever$"
by set="user/title & [telephoneManager]" write
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6