[Date Prev][Date Next]
Re: access control, groups/organizationalRole
Frederik Bosch <firstname.lastname@example.org> writes:
> That's not what I mean, but thanks for your suggestion.
> Let me try to rephrase. Suppose I have an organizationalRole located
> in Amsterdam and Rotterdam. Now I only want to assign rights to all
> occupants of the organizationalRole located in Amsterdam.
> In xpath-like syntax, this would look like this.
> access to * by
> group/organizationalRole[@location="Amsterdam"]/roleOccupant read
> How do I need to rewrite this for slapd?
You may have a look at access control by sets.
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6