
Re: matching ou=(.*)=.. to dn=$1,ou=.. help



Hi,

tarjei@nu.no wrote:
> 
> Hi,
> 
> I'm implementing LDAP personal address books for Turba/IMP, the first webmail and
> address book system that I've seen that contains proper write support for LDAP.
> I've come quite far. (For those interested, I'll probably post a howto soon.)
> 
> But I've got one problem. Each user has his/her own ou. That is, I've got something like:
> 
> ou=personal,dc=domain,dc=com
>  \
>    - ou=USERID,ou=personal,...
>    - ou=USERID,ou=personal,...
>    - ou=USERID,ou=personal,...
> etc
> Now, I want to define an ACL like this:
> 
> access to dn="ou=(.+),ou=personlige_adresser,o=nu,c=no"
>         by dn="uid=$1,ou=Brukere,o=nu,c=no" write
>         by * none
> 
> i.e. that only users can read and write to their address books.
> 
> Now, can someone point out the obvious mistake I am making? I've spent an hour
> searching the mailing list now, so please :)

Maybe this way (I'm not really sure):

access to dn="ou=(.+),ou=personlige_adresser,o=nu,c=no"
       by dn="uid=$1,ou=personlige_adresser,o=nu,c=no" write
       by * none
 
> Tarjei

Greets Harry 
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
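
The $1 substitution used by the ACLs in this thread can be modelled outside slapd to see what each target DN captures and which bind DN the by clause then expects. This is an added example, not part of the original messages and not slapd's code: it assumes unanchored regex matching and an exact, case-insensitive comparison of the expanded by clause, and the TIGHT pattern, the helper names and the sample DNs are constructed for illustration.

```python
import re

# ORIGINAL is the target pattern from the thread; TIGHT is a constructed variant
# (an assumption, not from the thread) that anchors the match and keeps the
# capture inside a single RDN.
ORIGINAL = r"ou=(.+),ou=personlige_adresser,o=nu,c=no"
TIGHT = r"^(.+,)?ou=([^,]+),ou=personlige_adresser,o=nu,c=no$"
BASE = "ou=personlige_adresser,o=nu,c=no"


def expand(template, groups):
    """Replace $1..$9 in a by-clause template with captures from the target DN."""
    def sub(m):
        value = groups[int(m.group(1)) - 1]
        return value or ""  # an unmatched optional group expands to nothing
    return re.sub(r"\$([1-9])", sub, template)


def captured(pattern, target_dn, group):
    """Return what the given group captures from target_dn, or None if no match."""
    m = re.search(pattern, target_dn, re.IGNORECASE)
    return m.group(group) if m else None


def may_write(pattern, by_template, target_dn, bound_dn):
    """Model: True if the rule applies to target_dn and bound_dn equals the expanded DN."""
    m = re.search(pattern, target_dn, re.IGNORECASE)  # unanchored search (assumed)
    if m is None:
        return False  # rule does not apply; this model grants nothing
    return expand(by_template, m.groups()).lower() == bound_dn.lower()


if __name__ == "__main__":
    alice = "uid=alice,ou=Brukere,o=nu,c=no"  # constructed sample user
    by1 = "uid=$1,ou=Brukere,o=nu,c=no"       # by clause from the question
    by2 = "uid=$2,ou=Brukere,o=nu,c=no"       # same clause, for TIGHT's second group
    targets = ("ou=alice," + BASE, "cn=Bob,ou=alice," + BASE, "ou=work,ou=alice," + BASE)
    for target in targets:
        print(target)
        print("  original: $1=%r write=%s"
              % (captured(ORIGINAL, target, 1), may_write(ORIGINAL, by1, target, alice)))
        print("  tight:    $2=%r write=%s"
              % (captured(TIGHT, target, 2), may_write(TIGHT, by2, target, alice)))
```

With the greedy (.+), a nested entry such as ou=work,ou=alice,... captures "work,ou=alice", so the expanded DN no longer names the owner; restricting the capture to [^,]+ and anchoring the pattern keeps it to the user's own RDN.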