[Date Prev][Date Next]
Re: ACL syntax with wildcards
Nick Milas wrote:
We would like to use ACL statements of the form (used for illustration
access to dn.subtree="ou=people,dc=example,dc=com"
by group.exact="cn=xxxxxAdmins,ou=Groups,dc=example,dc=com" write
by group.exact="cn=allAdmins,ou=Groups,dc=example,dc=com" read
by self read
where xxxxx is some string.
In essence, we assign people entries to various administrative groups,
depending on the value of the ou attribute of the entry.
Of course we can write many statements, one per ou value / admin group,
but it would be much more concise to use just one statement using wildcards.
Could someone please suggest if and how the above can be written
correctly, using e.g. regex?
I appreciate any suggestions.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/