30 May
2008
30 May
'08
11:42 a.m.
Michael Ströder wrote:
Anders wrote:
We are using OpenLDAP for user authentication. Now we want to reuse the data for internal address books. My problem is that not all records should be shown in the address books.
Just as an example, I might want to hide all records that have (active=FALSE).
First I'd try to consider using ACLs for this. => your user authentication applications should have somewhat "higher" rights than your e-mail clients.
Using back-relay should work; the relay backend can use a different set of ACLs from the main backend.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/