[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: I'm puzzled (problem with ACLs)

To: Pierangelo Masarati <masarati@aero.polimi.it>
Subject: Re: I'm puzzled (problem with ACLs)
From: Nicolas Chauvat <Nicolas.Chauvat@logilab.fr>
Date: Fri, 6 Jul 2001 15:07:10 +0200 (CEST)
Cc: openldap-software@OpenLDAP.org, malere@yahoo.com
In-reply-to: <3B45B6B0.C9432F0E@aero.polimi.it>

On Fri, 6 Jul 2001, Pierangelo Masarati wrote:

> Nicolas Chauvat wrote:
> 
> >         access to dn=".*, ou=assistants, dc=logilab, dc=fr" by * write
> >         access to dn=".*, ou=assistants, dc=logilab, dc=fr" by dn="^$$" write
> >         access to dn=".*, ou=assistants, dc=logilab, dc=fr" by dn="" write
> >         access to dn=".*, ou=assistants, dc=logilab, dc=fr" attr=status by * write
> >
> > but none of the above will work. OTOH,
> >
> >         access to * by * write
> 
> trim spaces between commas ',' and the following attribute type
> in DNs when writing ACLs (actually, acls use normalized DNs):
> 
> access to dn=".*,ou=assistants,dc=logilab,dc=fr" by * write

Thanks a lot, that works. My problem was that I'm using openldap-1.2.9 and
didn't want to use the only LDAP Admin Guide available on-line at
openldap.org for it describes version 2.x. Hence I used the LDAP howto
from the LinuxDoc project that gives an example with whitespaces...

I'm cc'ing the author, Luiz Malere (Hi there!), that did a very nice job
of writing this useful LDAP-HOWTO.

Thanks all !

-- 
Nicolas Chauvat

http://www.logilab.com - "Mais où est donc Ornicar ?" - LOGILAB, Paris (France)

References:
- Re: I'm puzzled (problem with ACLs)
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

Prev by Date: Re: PAM/LDAP performance problem
Next by Date: Re: Advanced ACL configuration?
Index(es):
- Chronological
- Thread