[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: "dynamic" acls



thank you.


would you have to use the groupOfNames?

could you show an example?

if not - then thank you anyway for directing on the "right path".


On Wed, 21 Jan 2004 16:49:49 -0500
John Ziniti <jziniti@speakeasy.org> wrote:

> Quanah Gibson-Mount wrote:
> > --On Wednesday, January 21, 2004 8:33 PM +0100 Alexander Blüm 
> > <mailinglists1@gmx.de> wrote:
> >> is it possible to apply new acl rules without restarting slapd?
> >>
> >> like disallowing some users acces to a certain branch of the ldap
> >> tree...
> > 
> > That is not possible at this time with ACL's.
> 
> One thing you can do, however, is set up an ACL which applies the
> rule you would like to a certain *group* in the LDAP tree, and then
> add users to that group.  Not quite as dynamic as you might like,
> but you can use it to achieve the desired effect under certain
> circumstances.  You have to have a good idea beforehand, however,
> of how your tree will be arranged, and what "permissions" you
> want to apply.
> 
> HTH,
> JZ
> 
> 


-- 
cheers,
  Alex