Re: slapo-memberof -> slapo-dynlist and value-based ACLs

14 Feb 2022


      On 2/14/2022 12:43 PM, Michael Ströder wrote:
...
Thus I have ACLs like this and which don't work for these clients (lines 
wrapped):
I'm not sure if you are asking whether the slapo-dynlist memberOf 
implementation supports ACLs in general, or specifically the type of ACL 
you are trying to use?
We are currently using the slapo-dynlist module for memberOf:
dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames
and the following ACL appears to work properly:
access to dn.children="ou=user,dc=cpp,dc=edu" attrs=memberOf
         by self read
         by 
group.exact="cn=member-readers,ou=group,ou=service,dc=cpp,dc=edu" read
         by * none

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: slapo-memberof -> slapo-dynlist and value-based ACLs