HI!
Is it possible to grant access in an ACL by a certain attribute value of the superior entry?
I'd like to be able to disable bind for users based on a status flag in the container entry under which all user entries reside.
Ciao, Michael.
Michael Ströder michael@stroeder.com writes:
HI!
Is it possible to grant access in an ACL by a certain attribute value of the superior entry?
I'd like to be able to disable bind for users based on a status flag in the container entry under which all user entries reside.
sets come to my mind. Something like access to cn=something by user & [cn=other\attributetype & value]
more on sets at http://www.openldap.org/faq/data/cache/1133.htm
-Dieter
"Dieter Kluenter" dieter@dkluenter.de writes:
Michael Ströder michael@stroeder.com writes:
HI!
Is it possible to grant access in an ACL by a certain attribute value of the superior entry?
I'd like to be able to disable bind for users based on a status flag in the container entry under which all user entries reside.
sets come to my mind. Something like access to cn=something by user & [cn=other\attributetype & value]
oops, the magic word set is missing, so access to cn=something by set="user & [cn=other\attributety0 & value]"
more on sets at http://www.openldap.org/faq/data/cache/1133.html
-Dieter
openldap-technical@openldap.org
-
Dieter Kluenter -
Michael Ströder