[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL: Combining domain and other <who> directives?

To: openldap-software@OpenLDAP.org
Subject: ACL: Combining domain and other <who> directives?
From: Marian Steinbach <marian@ds.fh-koeln.de>
Date: Tue, 23 Apr 2002 23:50:57 +0200
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.9+) Gecko/20020322

Hello!

After digging into the admin guide and FAQmatic I am not yet aware of how to solve this problem:

I only want to allow access to an OpenLDAP 2 server from one domain. Within that domain, some other <who> directives are important in order to allow different access from none to write. Maybe I am suffering from total misconception, but I am just missing boolean operators like "NOT" operator or an "AND", that's why I cant formulate the rules in OpenLDAP lingo.

In pseudo code, this is what I am after:

access to *
 if (domain ==  .*.domain.tld) {
     if (self) {
       write
     }
     elseif (users) {
       read
     }
 }
 else {
     no access at all.
 }


Can anybody help out here?

Thanks!

Marian

Follow-Ups:
- Re: ACL: Combining domain and other <who> directives?
  - From: Pierangelo Masarati <masarati@aero.polimi.it>

Prev by Date: Log on Openldap for Windows
Next by Date: Problem Adding
Index(es):
- Chronological
- Thread