Another approach to a previous question

[Daniel Henninger <daniel@unity.ncsu.edu>]

=)

Previously I asked if there was a way to limit searches to exact 
matches... so for instance you could search for 
printer-name=blar,ou=private,ou=printers,dc=ncsu,dc=edu but could not 
search through ou=private,ou=printers,dc=ncsu=dc=edu... and the answer was 
no.  =)

For a different approach to this issue, I already have a tree called 
ou=hosts,dc=ncsu,dc=edu.  This has host specific "configuration" type 
information.  Currently, it only has what groups are allowed and not 
allowed into the machine.  I was going to add printers to this, so you can 
assign printers based off their entry in LDAP.  So lets pretend I have an 
entry called:
cn=skippy.unity.ncsu.edu,ou=hosts,dc=ncsu,dc=edu
and it has:
ncsuAssignedPrinter: dhl-2413-1
ncsuAssignedPrinter: dhl-2413-2
ncsuAssignedPrinter: dhl-2413-color1
ncsuAssignedPrinter: dhl-2413-private-printer

Is there any way I could limit access to the private printer tree based 
off that?  In other words, "unless you are coming from skippy, you don't 
get to see the entry for dhl-2413-private-printer" in 
ou=private,ou=printers,dc=ncsu,dc=edu.  Something like:

access to dn.regex="printer-name=(.*),ou=private,ou=printers,dc=ncsu,dc=edu
	by (host, where host has $1 listed in it's ncsuAssignedPrinter)

?

Daniel

--
/\\\----------------------------------------------------------------------///\
\ \\\      Daniel Henninger           http://www.vorpalcloud.org/        /// /
 \_\\\      North Carolina State University - Systems Programmer        ///_/
    \\\                   Information Technology <IT>                  ///
     """--------------------------------------------------------------"""