On Mon, Nov 20, 2006 at 11:00:46AM +0200, Gökhan wrote:
Hello;
I have a question about an LDAP search issue. I want to disable full search on the LDAP tree.
E.g.:
My LDAP Tree is:
c=US, o=Dept1, cn=John Smith
c=US, o=Dept1, cn=Ann Adams
I want to deny reading a full listing of the tree, and allow reading only when the search condition matches just the required person. In the example above I want nobody to be listed. But when the search criteria is "c=US, o=Dept1, cn=Ann Adams", this entry must be listed. When a search on "c=US" comes, nothing must be listed.
What is the correct Access Control Information for this request?
Something like:

access to dn.children="c=US, o=Dept1" by * read
access to dn.children="c=US, o=Dept2" by * read
access to dn.sub="c=US" by * none

It's just an untested idea. For details, read slapd.access(5) about dnstyle.
WBR
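
The dnstyle scopes that slapd.access(5) defines, and the way the first matching "access to" clause decides the level, can be traced with a small model. This is an added example, not part of the original thread and not slapd code. It assumes the DNs are written leaf-first ("cn=Ann Adams,o=Dept1,c=US"), uses naive comma splitting, and models per-entry access selection only, not search base or filter processing.

```python
# Simplified model of slapd dnstyle scopes and first-match ACL selection.
# Assumption: DNs are leaf-first and contain no escaped commas.

def parse_dn(dn):
    """Split a DN into normalized RDNs, leaf first."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def dn_matches(style, pattern, target):
    """True if target lies in the scope that `style` gives to `pattern`."""
    p, t = parse_dn(pattern), parse_dn(target)
    depth = len(t) - len(p)              # levels of target below pattern
    if depth < 0 or t[depth:] != p:      # target must end with pattern's RDNs
        return False
    return {
        "base": depth == 0,              # the entry itself only
        "one": depth == 1,               # immediate children only
        "children": depth >= 1,          # all descendants, not the entry
        "sub": depth >= 0,               # the entry and all descendants
    }[style]

# The three rules suggested in the reply, in order (DNs rewritten leaf-first).
ACL = [
    ("children", "o=Dept1,c=US", "read"),
    ("children", "o=Dept2,c=US", "read"),
    ("sub", "c=US", "none"),
]

def access_for(dn, acl=ACL):
    """Level from the first matching clause; no match means implicit none."""
    for style, pattern, level in acl:
        if dn_matches(style, pattern, dn):
            return level
    return "none"

def readable_entries(entries, acl=ACL):
    """Entries on which the ACL grants read to anyone."""
    return [e for e in entries if access_for(e, acl) == "read"]

TREE = [  # constructed sample tree based on the question
    "c=US",
    "o=Dept1,c=US",
    "cn=John Smith,o=Dept1,c=US",
    "cn=Ann Adams,o=Dept1,c=US",
]

if __name__ == "__main__":
    for entry in TREE:
        print(f"{entry:32} -> {access_for(entry)}")
```

Swapping the rule order so that the dn.sub clause comes first makes every entry resolve to none, which is why the narrower clauses have to be listed before the broad one.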