Implementing ACL, using non-local groups - openldap-technical - openldap.org

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

December

Implementing ACL, using non-local groups

dynlist, memberof,and...

(no subject)

Tio Teath

Thursday, 27 September 2012 Thu, 27 Sep '12

3:15 a.m.

Is it possible to implement ACL, using groups which are accessed via ldap-proxy, i.e. non-local groups? I've managed to setup authentication for users, which are in remote LDAP server only, but looks like remote groups are ignored in case of using 'group.exact=' statement.

Reply

Show replies by date

Howard Chu

Thursday, 27 September Thu, 27 Sep

3:54 a.m.

Tio Teath wrote:

Is it possible to implement ACL, using groups which are accessed via ldap-proxy, i.e. non-local groups? I've managed to setup authentication for users, which are in remote LDAP server only, but looks like remote groups are ignored in case of using 'group.exact=' statement.

Yes it is possible, assuming you have back-ldap configured appropriately. You should use acl-bind, see the slapd-ldap(5) manpage. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

Reply

3603

days inactive

3603

days old

openldap-technical@openldap.org

Manage subscription

1 comments

2 participants

tags (0)

participants (2)

Howard Chu
Tio Teath