[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (Senza oggetto)



> Hi,
>
> I want to give write access to a group object 'g1' (groupOfUniqueNames)
> only to people that are member of that group AND are member of
> another group 'admin'.
> How do I formulate that in an ACL ?

use access privileges as follows:

access to <smtg>
    by group/groupOfUniqueNames/uniquMember.exact=<group1> -r continue
    by group/groupOfUniqueNames/uniquMember.exact=<group2> +r stop
    by * none

which means: if access is allowed by group 1,
disable read, but continue to the following
by clause in the same access rule; if also group 2
matches, enable read and exit.

This should do the job.

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it