Michael Ströder wrote:
Anders wrote:
> We are using OpenLDAP for user authentication. Now we want to reuse the
> data for internal address books. My problem is that not all records should
> be shown in the address books.
>
> Just as an example, I might want to hide all records that have
> (active=FALSE).
First I'd try to consider using ACLs for this.
=> your user authentication applications should have somewhat "higher"
rights than your e-mail clients.
Using back-relay should work; the relay backend can use a different set of
ACLs from the main backend.
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/