[Date Prev][Date Next] [Chronological] [Thread] [Top]

Returning objects on exact DN match



Hello,

I am trying to publish information only when the exact DN is used, as a measure against iteration of accounts.

I configured:

olcAccess: to dn.regex="^uid=[^,]+,(ou=[^,]+,)*dc=openfortress,dc=nl$" by (admin) write by * =rcdx

Note how this is like read privilege =rscdx minus the =s search filter privilege.  I am told that I lack the permission, and suspect the deafult search filter (objectClass=*) requires the =s privilege.

Is what I am trying to do posisble with OpenLDAP?


Thanks,
 -RIck