Hello,
I would like to restrict bind users in the search. I've already managed that they only see groups for which you have been activated. Now I have the problem that bind users should only see users in the people branch if they know the exact user name in the search.
So far I have solved the whole thing using the following two ACL sets. You can now also search for people. Since I had to include objectClass for the search to work, you can search for all people or for other values. However, I want all the data I specify to be displayed, but only if the username returns an exact result. I am at the end of my knowledge with the ACL sets. All the Info on ACL cannot help me further here.
{5} to dn.exact="ou=Personen,dc=SERVER" by group.exact="GROUP" search by * break {6} to dn.one="ou=Personen,dc=SERVER" attrs=entry,cn,objectClass,givenname,uid,mail,sn,userPassword by group.exact="GROUP" read by * break
Thanks a lot.
Kindly
Lukas Adrian
openldap-technical@openldap.org