[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL domain= question

To: Peter Furmonavicius <peter.furmonavicius@yale.edu>
Subject: Re: ACL domain= question
From: Ian Logan <ian@nmsu.edu>
Date: Tue, 29 Apr 2003 11:26:56 -0600
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <p05210600bad462ff5333@[130.132.59.57]>
References: <p05210600bad462ff5333@[130.132.59.57]>
User-agent: Mutt/1.4i

You dont say what version of OpenLDAP you're using.
Domain is the correct statement, but unless you have reverse lookups
enabled (which is a compile time option in 2.0.X I believe)
it wont work.

I suggest you make sure your server is doing reverse lookups.

On Tue, Apr 29, 2003 at 01:18:12PM -0400, Peter Furmonavicius wrote:
> Hello.  I am running OpenLDAP on MacOS X (10.2.5).  I am frustrated 
> in trying to get something to "work" that should be fairly simple.  I 
> have not been able to see anything in previous discussions that helps 
> me, so I have decided to write to you all.  Simply put, suppose I 
> have a given attribute, called "telephoneNumber" for example.  What 
> ACL should I use that allows everyone from my local domain to view 
> the telephoneNumber attribute, but no one else to?  I have tried just 
> about everything that I can think of,  but can't seem to get it 
> right.  Can someone shed some light on this?  I appreciate it.
> 
> access to attr=telephoneNumber
>      by domain=/\.yale\.edu$/ read
>      by * none
> 
> Thanks,
> 
> - Peter
>

References:
- ACL domain= question
  - From: Peter Furmonavicius <peter.furmonavicius@yale.edu>

Prev by Date: ACL domain= question
Next by Date: Re: ACL domain= question
Index(es):
- Chronological
- Thread