hi folks
I have the following ACL for my groups:
# Access to groups addressbooks
# allow read of addressbook by members and egwadmin account access to dn.regex="^cn=([^,]+),ou=shared,ou=contacts,dc=graylion,dc=net$" attrs=entry by group.expand="cn=$1,ou=groups,dc=graylion,dc=net" read by dn.regex="cn=admin,dc=graylion,dc=net" write by users none
# allow members to create entries in there group addressbooks; no-one else can access it # needs write access to the entries ENTRY attribute ... access to dn.regex="cn=([^,]+),ou=shared,ou=contacts,dc=graylion,dc=net$" attrs=entry,@inetOrgPerson,@mozillaAbPersonAlpha by group.expand="cn=$1,ou=groups,dc=graylion,dc=net" write by users none
# ... and the entries CHILDREN access to dn.regex="cn=([^,]+),ou=shared,ou=contacts,dc=graylion,dc=net$" attrs=children by group.expand="cn=$1,ou=groups,dc=graylion,dc=net" write by users none
the LDIF of one of my groups is:
dn: cn=GraylionEnterprises,ou=groups,dc=graylion,dc=net cn: GraylionEnterprises gidNumber: 7 memberUid: user1 memberUid: user2 memberUid: user3 memberUid: ... objectClass: top objectClass: posixGroup
and the log shows this error:
Mar 15 17:20:27 diskslave slapd[6657]: => bdb_entry_get: found entry: "cn=graylionenterprises,ou=groups,dc=graylion,dc=net" Mar 15 17:20:27 diskslave slapd[6657]: <= bdb_entry_get: failed to find objectClass
while eGW shoes this error:
Error saving the contact !!! Insufficient access: so_ldap: 503
what is wrong? Anybody have any ideas?
cheers
Bernhard
PS: this works for personal address books