Hello,<br><br>I have the following tree structure in LDAP:<br>ou=people,dc=example,dc=com<br>  uid=user1,ou=people,dc=example,dc=com<br><div id=":5j">           cn=child1,uid=user1,ou=people,dc=example,dc=com<br>           cn=child2,uid=user1,ou=people,dc=example,dc=com<br>

  uid=user2,ou=people,dc=example,dc=com<br>..<br><br>I would like 
to make access in such a way: if father&#39;s account (uid=user1,ou=people,dc=example,dc=com) is inactivated 
(description=inaktiv), all children become inaccessible.<br>I have tried with this, but it has not functioned:<br> to dn.regex=&quot;uid=([^,]+),ou=people,dc=example,dc=com&quot; filter=&quot;(description=inaktiv)&quot; attrs=children <br>
 by group.exact=&quot;cn=ldapadmin,dc=example,dc=com&quot; tls_ssf=128 sasl_ssf=56 write <br>
 by * none<br><br><br>Is it possible to implement such a thing?<br>Thanks in advance for help!<br><br>Natalia<br></div>