Hi,
I'm really new to OpenLDAP and am trying to grant domain-admins access to their domain-subtree in our historically grown LDAP structure.
The Structure is like this:
    ou=somedomain.tld,ou=mail,dc=example,dc=tld
    ou=admins,ou=somedomain.tld,ou=mail,dc=example,dc=tld
    cn=admin@somedomain.tld,ou=admins,ou=somedomain.tld,ou=mail,dc=example,dc=tld
The ACL I am trying to use (according to [1]) is:
    access to dn.regex=".+,ou=([^,]+),ou=mail,dc=example,dc=tld$"
        by dn.onelevel,expand="ou=admins,ou=$1,ou=mail,dc=example,dc=tld" write
        by * break
but it doesn't take effect. After hours of thinking about the problem and searching the internet, I still can't get the point.
Thank you for reading,
Ole