On 16/03/2011 17:49, Christian Manal wrote:
Am 16.03.2011 16:31, schrieb George Mamalakis:
so I tried to implement it through acls. I created a group called i.e. "cn=publish mail,ou=Groups,dc=example,dc=com" where people wishing to disclose their emails are members of this group. On the acl statement I couldn't find a way to restrict my acl based on "conditional attributes".
You mean something like this?
access to attrs=mail by group="cn=publish mail,ou=Groups,dc=example,dc=com" read by * noneSee slapd.access(5) for details.
Regards, Christian Manal
Christian thank you for your reply,
No, this is not what i mean. In your example you allow the mail attribute to be shown to those belonging to the cn=publish mail,ou=Groups,dc=example,dc=com group. I want *all* (not those belonging to that group) authenticated users to see this attribute if the owner of the record is member of this group.
I think I am reaching a partial solution which I will send once I test it.
Thanx again for your reply.