[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: LDAP Access Control
> Remember that regexp matches are "greedy" - a pattern will go for the longest
> possible match in a string. So a pattern "cn=.*,ou=foo" will match
> cn=joe,ou=sub,dc=xyz,ou=foo
> cn=bob,ou=foo
> cn=,ou=foo
> etc...
Thanks, Howard. It was exactly the greediness that I was asking
about in a previous mail.
I'am not so concerned about matching for instance
cn=joe,ou=sub,dc=xyz,ou=foo
but I am concerned about *not* matching
cn=Suares, Ace,ou=foo
That's why the question was: is it allowed to have a , or an =
between cn= and ,ou=foo !
Probably the answer is in a FAQ or manual where it states which
characters are allowed - but haven't found that yet.
Another question that still lays around is if it is possible to use
ACL's to restrict the creation of certain records.
I think it's not. Is this a feature that is likely to be given any
thought by the developers ?
_ace.