"hidden" attributes in openldap?
- To: firstname.lastname@example.org
- Subject: "hidden" attributes in openldap?
- From: George Mamalakis <email@example.com>
- Date: Wed, 16 Mar 2011 17:31:27 +0200
- User-agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:188.8.131.52) Gecko/20110109 Lightning/1.0b2 Thunderbird/3.1.7
I hope I am sending this email to the correct mailing list, if not
please excuse me.

I am trying to find a way to hide/unhide attributes on my DIT
(openldap-2.4.21) and I cannot find a way to do this. What I mean by
hide/unhide is that I want specific attributes to be listed with
ldapsearch only if the owner of the records agrees. I did not find any
feature that does this "automatically", so I tried to implement it
through acls. I created a group called i.e. "cn=publish
mail,ou=Groups,dc=example,dc=com" where people wishing to disclose their
emails are members of this group. On the acl statement I couldn't find a
way to restrict my acl based on "conditional attributes".

Is there a way to support such a behavior (maybe through an additional
overlay, or oclAccess, etc)?

If someone knows an answer I would be delighted to know so.

Thank you all for your time in advance,

PS. I have submitted a similar question to an "ldap programmers" forum,
because I thought that openldap lists don't support such questions.
Nevertheless, I found analogous questions being asked on this list by
googling, so I thought I should give it a try.
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)
Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki
phone number : +30 (2310) 994379