On 04/19/2010 04:04 PM, masarati@aero.polimi.it wrote:
Hi Andrew
I finally figured it out and here is what I did:
ACL:

    access to attrs=uofsGroupRole val.regex="^([^:]+):.+$"
        by dn.exact,expand="${v1}" read
        by * none

Only the attribute that contains the user's DN within its value is available to
said user. It works exactly the way I want it. The only difference from the
documentation is "${v1}", which is explained here:
http://www.openldap.org/lists/openldap-bugs/200811/msg00078.html if you
are interested...
I've documented this feature in slapd.access(5), as part of ITS#5804.
Thanks, p.
My pleasure.
--
Sergiy Stepanenko
Systems Administrator
Information Technology Services
University of Saskatchewan
-----------------------------------
phone: (306) 966-2762
email: sergiy.stepanenko@usask.ca
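
Added example, not part of the original thread and not slapd's own code: a simplified Python model of how the ACL above decides access per attribute value, useful for checking value formats before deploying the rule. The "<DN>:<role>" value layout, the sample DNs, the function names and the simplified DN normalization are assumptions.

```python
import re

# val.regex from the ACL: capture everything before the first ':'.
VAL_REGEX = re.compile(r"^([^:]+):.+$")

def normalize_dn(dn):
    """Simplified normalization (assumption): trim whitespace around RDN
    parts and compare case-insensitively. slapd normalizes per schema."""
    parts = []
    for rdn in dn.split(","):
        attr, _, val = rdn.partition("=")
        parts.append(f"{attr.strip().lower()}={val.strip().lower()}")
    return ",".join(parts)

def evaluate(bound_dn, value):
    """Model one uofsGroupRole value against the clause.
    Returns 'read', 'none', or 'next-clause' when val.regex does not
    match and this access clause therefore does not apply to the value."""
    m = VAL_REGEX.match(value)
    if m is None:
        return "next-clause"
    expanded = m.group(1)  # what "${v1}" expands to
    # by dn.exact,expand="${v1}" read
    if normalize_dn(expanded) == normalize_dn(bound_dn):
        return "read"
    # by * none
    return "none"

def readable_values(bound_dn, values):
    """Values of the attribute the bound DN may read under this clause."""
    return [v for v in values if evaluate(bound_dn, v) == "read"]

# Constructed sample values, not taken from the thread.
SAMPLE_VALUES = [
    "uid=alice,ou=people,dc=example,dc=org:editor",
    "UID=Alice, OU=People, DC=example, DC=org:reviewer",
    "uid=bob,ou=people,dc=example,dc=org:admin",
    "no-colon-value",                             # regex does not match
    "cn=a:b,ou=people,dc=example,dc=org:admin",   # ':' inside the DN
]

if __name__ == "__main__":
    for who in ("uid=alice,ou=people,dc=example,dc=org",
                "cn=a:b,ou=people,dc=example,dc=org"):
        print(who)
        for value in SAMPLE_VALUES:
            print(f"  {evaluate(who, value):12} {value}")
```

The last sample shows the format's edge case: a DN containing ':' is cut at the first colon by `[^:]+`, so the expanded `${v1}` never equals the real DN and that entry cannot read its own value.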