Frederik Bosch <frederik.bosch@gmail.com> writes:
Thanks again Dieter. That looks way too difficult for me :). I changed some things. Now suppose that I want to assign read access to every roleOccupant in an organizationalRole.
access to * by group/organizationalRole/roleOccupant read
But that's not correct syntax. Slapd won't start. It has to be like this:
access to * by group/organizationalRole/roleOccupant="<DN>" read
What syntax do I need to let "<DN>" match the whole tree?
by group/organizationalRole/roleOccupant.expand="^cn=([^,]+),ou=subtree,o=myOrganization$" or similar, see man slapd.access(5) for more information.
-Dieter
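
An added example, not part of the original messages: a slapd.conf ACL sketch using the two group styles that slapd.access(5) documents, exact and expand. Every DN in it is a constructed placeholder, and the userPassword rule is an assumption about what the directory should keep out of a broad read grant.

```conf
# Constructed example; all DNs below are placeholders, not from the thread.

# Rejected by slapd: the group clause names no group DN.
#access to * by group/organizationalRole/roleOccupant read

# Keep password hashes out of the broad read grants below. slapd uses the
# first "access to" rule whose target matches, so this rule must come first.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none

# Exact style (the default): one named organizationalRole entry. Every DN
# listed in its roleOccupant attribute gets read access to the subtree.
access to dn.subtree="ou=people,o=myOrganization"
    by group/organizationalRole/roleOccupant="cn=readers,ou=roles,o=myOrganization" read
    by * none

# Expand style: the group DN is a replacement string, not a regex.
# $2 is filled from the second submatch of the dn.regex target, so each
# ou=<name> branch is readable by the occupants of cn=<name>,ou=roles.
access to dn.regex="^(.+,)?ou=([^,]+),ou=subtree,o=myOrganization$"
    by group/organizationalRole/roleOccupant.expand="cn=$2,ou=roles,o=myOrganization" read
    by * none
```

Running `slaptest` against the edited configuration reports syntax errors like the one described above before slapd is restarted.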