Hi,
I am trying to grant users access to a ldap object when user/allowedDomain match the Mail object ou. To accomplish that I have to use set.regex and substring substitution, but I was not able to figure out what I am doing wrong.
This is the current ACL:
access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$" by set="user/allowedDomain & this/ou" write
result (tested using "slapacl -D"): ======= "ou=example.com,ou=Mail,o=example,c=BR" = write(=wrscxd) "mail=test@example.com,ou=example.com,ou=Mail,o=example,c=BR" = 0
This is the ACL that I am trying to build. It was expecting both results as = write(=wrscxd), but I am getting only = 0.
access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$" by set.regex="user/allowedDomain & $2" write
result (tested using "slapacl -D"): ======= "ou=example.com,ou=Mail,o=example,c=BR" = 0 "mail=test@example.com,ou=example.com,ou=Mail,o=example,c=BR" = 0
Any ideas about what I should do for this to work?
Thanks! Ronie