[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: "dynamic" acls

To: openldap-software@OpenLDAP.org
Subject: Re: "dynamic" acls
From: Turbo Fredriksson <turbo@bayour.com>
Date: 22 Jan 2004 10:05:45 +0100
In-reply-to: <597790557.1074686794@cadabra.stanford.edu>
Organization: LDAP/Kerberos expert wannabe
References: <20040121203348.373e97ac@earth.bx> <597790557.1074686794@cadabra.stanford.edu>
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

>>>>> "Quanah" == Quanah Gibson-Mount <quanah@stanford.edu> writes:

    >> is it possible to apply new acl rules without restarting slapd?
    >> 
    >> like disallowing some users acces to a certain branch of the
    >> ldap tree...

    Quanah> That is not possible at this time with ACL's.

What you CAN do though (even though it's experimental, but works
fine for me) is to use ACI's (http://www.openldap.org/faq/index.cgi?file=758).

Follow-Ups:
- Re: "dynamic" acls
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

References:
- "dynamic" acls
  - From: Alexander Blüm <mailinglists1@gmx.de>
- Re: "dynamic" acls
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Compilation of OpenLDAP ver. 2.2.4
Next by Date: RE: Compilation of OpenLDAP ver. 2.2.4
Index(es):
- Chronological
- Thread