
I need help with ACL



Hello,
 
My LDAP tree is like this
 
sn=toto,o=bookmarks,c=fr
dcEntry=google,sn=toto,o=bookmarks,c=fr
dcEntry=yahoo,sn=toto,o=bookmarks,c=fr
sn=titi,o=bookmarks,c=fr
dcEntry=google,sn=titi,o=bookmarks,c=fr
dcEntry=yahoo,sn=titi,o=bookmarks,c=fr
 
I want toto to be able to read all bookmarks (of toto AND titi) and to be able to write only his bookmarks
 
I can do it with a simple ACL, but I don't know how to do it for an infinite number of users
 
I thought about something like this
 
access to ".*,sn=self,o=bookmarks,c=fr"
   by self write
   by * read
 
But it seems it doesn't work
 
Does anyone have an idea (or a better way to model this)?
 
Thanks
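
Added example, not part of the original post: a simplified Python model of one way to express the per-user rule, capturing the owner entry from the target DN with a regex and comparing it with the bound DN. It assumes each user binds as their own sn=...,o=bookmarks,c=fr entry; the slapd.conf form in the comment uses the dn.regex / expand syntax documented in slapd.access(5) for OpenLDAP 2.2 and later.

```python
import re

# slapd.conf form of the rule modelled below (see slapd.access(5)):
#   access to dn.regex="^(.+,)?(sn=[^,]+,o=bookmarks,c=fr)$"
#       by dn.exact,expand="$2" write
#       by * read
# $2 is the owner entry captured from the target DN; the optional $1 prefix
# lets one rule cover the owner entry and everything beneath it.
TARGET = re.compile(r"^(.+,)?(sn=[^,]+,o=bookmarks,c=fr)$")


def normalize(dn):
    """Crude DN normalization for this model: trim around commas, lowercase."""
    return ",".join(part.strip() for part in dn.split(",")).lower()


def access(bound_dn, target_dn):
    """Return 'write', 'read', or None when the rule does not match target_dn."""
    m = TARGET.match(normalize(target_dn))
    if m is None:
        return None  # a later ACL (or the server default) would decide
    owner = m.group(2)  # the value expand="$2" substitutes
    if bound_dn is not None and normalize(bound_dn) == owner:
        return "write"
    return "read"  # "by * read" also covers anonymous binds


def matrix(users, entries):
    """Access decision for every (user, entry) pair."""
    return {(u, e): access(u, e) for u in users for e in entries}


if __name__ == "__main__":
    # Tree from the post; bind DNs are assumed to be the users' own entries.
    users = ["sn=toto,o=bookmarks,c=fr", "sn=titi,o=bookmarks,c=fr"]
    entries = [
        "sn=toto,o=bookmarks,c=fr",
        "dcEntry=google,sn=toto,o=bookmarks,c=fr",
        "dcEntry=yahoo,sn=toto,o=bookmarks,c=fr",
        "sn=titi,o=bookmarks,c=fr",
        "dcEntry=google,sn=titi,o=bookmarks,c=fr",
        "dcEntry=yahoo,sn=titi,o=bookmarks,c=fr",
    ]
    for (user, entry), level in matrix(users, entries).items():
        print(f"{user:28} -> {entry:42} {level}")
```

The `^...$` anchors and the `[^,]+` class matter: without them a name such as sn=tototo, or an attribute ending in "sn", could be confused with the owner's entry.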