[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: acl question
At 02:20 PM 10/27/99 -0500, Jason Bodnar wrote:
>Is this possible?
In general, no. The access control system does not support
arbitrary joins.
The access control system, however, does support a mechanism
to support manager relations through dn attributes such as
'owner' (as defined by RFC).
access to *
by self write
by dnattr=owner write
by dn=".+" read
by * none
would grant each user write access to their entry and
any entry they own (and read access to bound users and
no access to anonymous users).
----
Kurt D. Zeilenga <kurt@boolean.net>
Net Boolean Incorporated <http://www.boolean.net/>