27 Sep
2012
27 Sep
'12
3:54 a.m.
Tio Teath wrote:
Is it possible to implement ACL, using groups which are accessed via ldap-proxy, i.e. non-local groups? I've managed to setup authentication for users, which are in remote LDAP server only, but looks like remote groups are ignored in case of using 'group.exact=' statement.
Yes it is possible, assuming you have back-ldap configured appropriately. You should use acl-bind, see the slapd-ldap(5) manpage.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/