fre, 2003-01-03 kl. 14:53 skrev Tony Earnshaw:
fre, 2003-01-03 kl. 11:32 skrev Paul Wilson:
I'm sure many others will reply, but as far as I can see from slapd.conf
and the debug output, you are trying to equate uid with cn. They aren't
the same.
The regex stuff works perfectly for me with 2.1.5 to 2.1.10, but it is
advisable to be consequent ...
access to * by dn="uid=(.*),ou=Users,o=ORG,c=US"
group="cn=$1,ou=Users,o=ORG,c=US" write by
dn="uid=Manager,ou=Users,o=ORG,c=US" write by anonymous auth
The problem that I am having is that the $1 variable is not being
populated. As I understand regular expressions, the (.*) should match
on any pattern.
Hmmm ... looking at it again, the slapd.conf syntax isn't Kosher,
either.
access to dn="cn=([^,]+),ou=Users,o=ORG,c=US"
by anonymous auth
by dn="cn=$1,ou=Users,o=ORG,c=US" read (i.e. "by self read")
by group="cn=Managers,ou=Users,o=ORG,c=US" write
by * none
The above is trash, I realize, but the syntax is o.k. as an example.
The indents and paraphrazing are important - don't put comments (like I
have done) or newlines or anything else in your rules.
Best,
Tony