[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP Access Control



Kurt !

Thanks so much for pointing this out.

My eminent ACL entry in the faq is getting more shape now ;-)

> At 07:24 PM 2002-09-19, Ace Suares wrote:
> >I'am not so concerned about matching for instance
> >cn=joe,ou=sub,dc=xyz,ou=foo
> >but I am concerned about *not* matching
> >cn=Suares, Ace,ou=foo
> 
> That's actually an invalid DN.  I assume you mean:
>   cn=Suares\, Ace,ou=foo
> 
> In 2.1, this DN has the normalized form:
>   cn=suares\2c ace,ou=foo


So, in 2.0 or earlier, the [^,]+ *is* matching the wrong things.

Thanks so much for this clarification.

still 2 to go:

What about the = character ?

And how about restricting the creation of certain entries by ACL ?


Many greetings,
Ace