Is it possible to implement ACL, using groups which are accessed via ldap-proxy, i.e. non-local groups? I've managed to setup authentication for users, which are in remote LDAP server only, but looks like remote groups are ignored in case of using 'group.exact=' statement.
Tio Teath wrote:
Is it possible to implement ACL, using groups which are accessed via ldap-proxy, i.e. non-local groups? I've managed to setup authentication for users, which are in remote LDAP server only, but looks like remote groups are ignored in case of using 'group.exact=' statement.
Yes it is possible, assuming you have back-ldap configured appropriately. You should use acl-bind, see the slapd-ldap(5) manpage.
openldap-technical@openldap.org