Kilian R�hner writes:
- Is it possible to specify a regexp as rootdn?
(...) Would be nice for the future to have this (if this is the right place to say it).
If you want someone to remember, the right place is ITS http://www.openldap.org/its/. I doubt it'll happen anytime soon unless someone like you contributes a patch though.
It couldn't be rootdn since that also has another function, allow Bind with that and rootpw. It could be 'rootaccess' or something, maybe otherwise looking like an access statement. But even then, OpenLDAP internals would need some redesign.
(...) The Problem is of course, that openldap has only "read" and "write" rules, while the last one usually implies that one can add, modify and delete.
No, "read" and "write" are shorthands for =dxcsr and =dxcsrwaz, as far as I can see. See 'THE <ACCESS> FIELD' in the slapd.access(5) manpage.
It helps to say what you want to achieve in addition to how you are trying to achieve it...
Anyone has an idea why the Monitor thing is not working?
Nope... might have a look later, it seems fine.