[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: "dynamic" acls
thank you.
would you have to use the groupOfNames?
could you show an example?
if not - then thank you anyway for directing on the "right path".
On Wed, 21 Jan 2004 16:49:49 -0500
John Ziniti <jziniti@speakeasy.org> wrote:
> Quanah Gibson-Mount wrote:
> > --On Wednesday, January 21, 2004 8:33 PM +0100 Alexander Blüm
> > <mailinglists1@gmx.de> wrote:
> >> is it possible to apply new acl rules without restarting slapd?
> >>
> >> like disallowing some users acces to a certain branch of the ldap
> >> tree...
> >
> > That is not possible at this time with ACL's.
>
> One thing you can do, however, is set up an ACL which applies the
> rule you would like to a certain *group* in the LDAP tree, and then
> add users to that group. Not quite as dynamic as you might like,
> but you can use it to achieve the desired effect under certain
> circumstances. You have to have a good idea beforehand, however,
> of how your tree will be arranged, and what "permissions" you
> want to apply.
>
> HTH,
> JZ
>
>
--
cheers,
Alex