Re: ACL problem in OpenLDAP

JOYDEEP writes:

access to dn.regex="cn=([^,]+),ou=personal,ou=contacts,ou=contacts,virtualDomain=([^,]+),dc=suse,dc=ldap$"

This matches a DN whose RDN is a 'cn', immediately below ou=personal, but not subtrees below ou=personal nor RDNs that are not 'cn's. Is that intentional?

by dn.regex="uid=([^,]+),ou=users,virtualDomain=$2,dc=suse,dc=ldap" read

Try by dn.expand="uid=$1,ou=users,virtualDomain=$2,dc=suse,dc=ldap" read

by users none

There is an implicit 'by * none' at the end of each access statement, so that line is not necessary. And I assume you want to stop anonymous access as well, so it's not as if the 'by users' statement is very informative.