[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACLs based on attributes?



Jaap Winius <jwinius@umrk.nl> writes:

> Quoting Quanah Gibson-Mount <quanah@zimbra.com>:
>
>> Blah, I was thinking this in the wrong direction.  Sets are likely what
>> you need.  I think the syntax would be more
>>
>> by set.exact="user/title=telephonemanager" write
>
> This looks great, but I've tested it (with slapd v2.4.11) and
> unfortunately it doesn't want to work. Could there any special
> requirements that might be necessary before sets can be used?

this rule should do the trick:
access to dn.regex="cn=([^,]+),ou=whatsoever$"
          attrs=telephoneNumber
       by set="user/title & [telephoneManager]" write

-Dieter


-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E