Hi everybody,
I hope I am sending this email to the correct mailing list, if not
please excuse me.
I am trying to find a way to hide/unhide attributes on my DIT
(openldap-2.4.21) and I cannot find a way to do this. What I mean by
hide/unhide is that I want specific attributes to be listed with
ldapsearch only if the owner of the records agrees. I did not find any
feature that does this "automatically", so I tried to implement it
through acls. I created a group called i.e. "cn=publish
mail,ou=Groups,dc=example,dc=com" where people wishing to disclose their
emails are members of this group. On the acl statement I couldn't find a
way to restrict my acl based on "conditional attributes".
Is there a way to support such a behavior (maybe through an additional
overlay, or oclAccess, etc)?
If someone knows an answer I would be delighted to know so.
Thank you all for your time in advance,
mamalos
PS. I have submitted a similar question to an "ldap programmers" forum,
because I thought that openldap lists don't support such questions.
Nevertheless, I found analogous questions being asked on this list by
googling, so I thought I should give it a try.
--
George Mamalakis
IT Officer
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)
Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki
phone number : +30 (2310) 994379