[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: multiple conditions in ACL



At 05:04 AM 12/17/2003, DEVRIENDT ERIK wrote:
>Hi,
>
>(I forgot to give a descriptive Subject in a previous atempt, so I try
>again.
> Sorry for that).
>
>I want to give write access to a group object 'g1' (groupOfUniqueNames)
>only to people that are member of that group AND are member of
>another group 'admin'.
>How do I formulate that in an ACL ?

(of the cuff...)

access to dn.base="ou=gl,dc=example,dc=com"
  by group/groupOfUniqueNames/uniqueMember.exact="ou=gl,dc=example,dc=com" break
  by * none

access to dn.base="ou=gl,dc=example,dc=com"
  by groupgroupOfUniqueNames/uniqueMember.exact="ou=admin,dc=example,dc=com" write
  by * none


>Erik Devriendt
>Project Engineer
>
>Siemens n.v./s.a. 
>EIT-ES5
>Tel. ++32 2-536.48.56 
>Fax ++32 2-536.28.80 
>
>mailto:Erik.Devriendt@siemens.com
>http://www.siemens.be