
Re: ACL domain= question



You don't say what version of OpenLDAP you're using.
Domain is the correct statement, but unless you have reverse lookups
enabled (which is a compile-time option in 2.0.X I believe)
it won't work.

I suggest you make sure your server is doing reverse lookups.

On Tue, Apr 29, 2003 at 01:18:12PM -0400, Peter Furmonavicius wrote:
> Hello.  I am running OpenLDAP on MacOS X (10.2.5).  I am frustrated 
> in trying to get something to "work" that should be fairly simple.  I 
> have not been able to see anything in previous discussions that helps 
> me, so I have decided to write to you all.  Simply put, suppose I 
> have a given attribute, called "telephoneNumber" for example.  What 
> ACL should I use that allows everyone from my local domain to view 
> the telephoneNumber attribute, but no one else to?  I have tried just 
> about everything that I can think of,  but can't seem to get it 
> right.  Can someone shed some light on this?  I appreciate it.
> 
> access to attr=telephoneNumber
>      by domain=/\.yale\.edu$/ read
>      by * none
> 
> Thanks,
> 
> - Peter
>
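
Added example, not part of the original messages and not OpenLDAP code: a small Python model of first-match evaluation of the quoted rule, showing why every client falls through to "by * none" when the server has no reverse-resolved name for the peer. It assumes the pattern is the text between the slashes; the function names, addresses and host names are constructed.

```python
import re
import socket

# Model of the quoted ACL as (who, pattern, access); first match wins.
# Assumption: the pattern is the text between the slashes in the quoted rule.
ACL = [("domain", re.compile(r"\.yale\.edu$"), "read"),
       ("*", None, "none")]


def peer_name(ip, reverse_lookup, resolver=socket.gethostbyaddr):
    """Name the server would have for the client: the PTR result, or None."""
    if not reverse_lookup:
        return None              # server never asks DNS, so there is no name
    try:
        return resolver(ip)[0].rstrip(".")
    except OSError:
        return None              # no PTR record for this address


def access_for(ip, reverse_lookup, resolver=socket.gethostbyaddr):
    """Evaluate the modelled ACL for a client IP; return the access level."""
    name = peer_name(ip, reverse_lookup, resolver)
    for kind, pattern, level in ACL:
        if kind == "*":
            return level         # catch-all clause ends evaluation
        if kind == "domain" and name and pattern.search(name):
            return level


# Constructed PTR data (documentation address ranges, made-up host names).
SAMPLE_PTR = {
    "192.0.2.10": "pc17.its.yale.edu",
    "198.51.100.7": "host.example.net",
    "203.0.113.5": "www.yale.edu.example.net",
}


def sample_resolver(ip):
    """Stand-in for socket.gethostbyaddr backed by SAMPLE_PTR."""
    if ip not in SAMPLE_PTR:
        raise socket.herror(1, "Unknown host")
    return (SAMPLE_PTR[ip], [], [ip])


if __name__ == "__main__":
    for lookups in (False, True):
        for ip in list(SAMPLE_PTR) + ["192.0.2.99"]:
            print(lookups, ip, access_for(ip, lookups, sample_resolver))
```

Calling access_for() without the resolver argument uses the system resolver, which is a quick way to see what PTR name a given client address actually returns. The name comes from whoever controls the reverse zone for that address, so a domain match is only as trustworthy as that DNS data.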