[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Implementing ACL, using non-local groups

Tio Teath wrote:
Is it possible to implement ACL, using groups which are accessed via
ldap-proxy, i.e. non-local groups? I've managed to setup
authentication for users, which are in remote LDAP server only, but
looks like remote groups  are ignored in case of using 'group.exact='

Yes it is possible, assuming you have back-ldap configured appropriately. You should use acl-bind, see the slapd-ldap(5) manpage.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/