[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: acl help access to 'own' attributes



It depends on how many user you have, were are the user-objects are
located in your tree, there are not enough  information to solve your
problem. If the users are spread over the hole tree you need some kind
of regex-ACLs


Am 27.11.19 um 22:41 schrieb Marc Roos:
> Can anyone help how I should make the acls that allows users[2] access 
> attributes of ldap entries[1] that have themselves listed in the 
> attribute value sendmailMTAMapValue
>
> Something like:
> Access to children? ou=xxxx,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,dc=local 
> filter=(sendmailMTAMapValue=VAR1) attrs=sendmailMTAKey
>   by uid=VAR1,ou=yyyy,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,dc=local read
>
>
> [1]
> dn: 
> sendmailMTAKey=test@example.com,ou=xxxx,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,
> dc=local
> objectClass: sendmailMTA
> objectClass: sendmailMTAMap
> objectClass: sendmailMTAMapObject
> objectClass: ritAdditionalInfo
> sendmailMTAMapName: virtuser
> sendmailMTACluster: mail
> sendmailMTAKey: test@example.com
> sendmailMTAMapValue: testuser
>
> [2]
> uid=testuser,ou=yyyy,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,dc=local
>
-- 
Stefan Kania
Landweg 13
25693 St. Michaelisdonn


Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter https://www.dgn.de/dgncert/index.html




Attachment: smime.p7s
Description: S/MIME Cryptographic Signature