Re: Auth access for search-based mappings?

17 Jan 2010


      Quoting Jaap Winius jwinius@umrk.nl:
...
authz-regexp
        uid=([^,]*),cn=example.com,cn=gssapi,cn=auth
        ldap:///dc=example,dc=com??sub?
             (&(|(entryDN:dnSubtree:=ou=eng,dc=example,dc=com)
                 (entryDN:dnSubtree:=ou=bio,dc=example,dc=com))
             (uid=$1)(objectclass=person))
Unfortunately, this doesn't work at all. ...
But this does work:
authz-regexp
         uid=([^,]*),cn=example.com,cn=gssapi,cn=auth
         ldap:///dc=example,dc=com??sub?
              (&(|(entryDN:dnSubtreeMatch:=ou=eng,dc=example,dc=com)
                  (entryDN:dnSubtreeMatch:=ou=bio,dc=example,dc=com))
              (uid=$1)(objectclass=person))
I found what I needed to know on the man page for slapcat; first example.
Cheers,
Jaap

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: Auth access for search-based mappings?