On Sun, 2010-02-21 at 13:26 +0100, masarati@aero.polimi.it wrote:
I am searching for a rule like this:
access to "cn=[^,]+,ou=data1,ou=data" attrs="attr1,attr2,attr3" by dnattr="owner of node ou=data1,ou=data" write
Try
access to dn.children="ou=data1,ou=data" by set="[ou=data1,ou=data]/owner & user" write
Thanks for this hint. The man page for slapd.access currently says "The statement set=<pattern> is undocumented yet". Is there anywhere else a detailed documentation for this?
Especially, can I use regular expressions? Because my real need would be something like this:
access to dn.children="(ou=[^,]+,ou=data)" by set="[$1]/owner & user" write
so that I do not have to define a rule for each dataX-subtree...
Thanks and regards -stefan-