Kilian R�hner writes:
- Is it possible to specify a regexp as rootdn?
No, but if you use SASL (e.g. ldapsearch -H ldapi:// -QY EXTERNAL) or proxy auth, then you can use authz-regexp to rewrite multiple DNs to a single one which you then can use as rootDN.
- In an access-rule, i have a set like:
by set="(user + ([cn=Current,cn=Time,cn=Monitor]/monitorTimestamp)) & (this/modifiersName + this/createTimestamp)" write
You want to let bound users write to entries they created this second? Cool, but fragile since the creation might happen at the end of the second, and the next write op next second.
But it seems, that the Monitor-Part isn't resolved correctly (returns empty and thus empty for the whole set).