[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: adding openLDAPaci

To: "Armin Wenz" <awenz@mtg.de>
Subject: Re: adding openLDAPaci
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Mon, 31 Jan 2005 13:56:06 +0100 (CET)
Cc: openldap-software@OpenLDAP.org
Domainkey-signature: a=rsa-sha1; s=mail; d=sys-net.it; c=simple; q=dns; b=bgzo6BrpEZmX+kEzc5RWO4sBtbSfddUug/RBeqbV5sW/mrhu1dvwEq1ihnq6P3iyG UwEE7YCPKt/LCqEsKZXiA==
Importance: Normal
In-reply-to: <41FE214C.1070701@mtg.de>
References: <41FE214C.1070701@mtg.de>
User-agent: SquirrelMail/1.4.3a-1

>
> Using 2.2.23 compiled with --enable-aci.
> I need to add another openLDAPaci attribute to an entry with already
> existing openLDAPaci's.
>
> dn: cn=test,o=test,c=de
> OpenLDAPaci: 1#entry#grant;r,s,c;[all]#public#
> OpenLDAPaci: 1#entry#grant;w,s,c;[all]#group#cn=test2,o=test,c=de
> structuralObjectClass: inetOrgPerson
>
> When doing
>
> dn: cn=test,o=test,c=de
> changetype: modify
> add: openldapACI
> openldapACI: 1#entry#grant;w,s,c;[all]#group#cn=test3,o=test,c=de
>
> I get the response fron the slapd:
> ldap_modify: Inappropriate matching (18)
>          additional info: modify/add: OpenLDAPaci: no equality matching
> rule
>
> As far as I can see from the sources there is an EQUALITY filter
> 'OpenLDAPaciMatch'

No there isn't (RE22):

grep OpenLDAPaciMatch servers/slapd/schema_init.c
#define OpenLDAPaciMatch                        NULL

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- adding openLDAPaci
  - From: Armin Wenz <awenz@mtg.de>

Prev by Date: ACI's and 'by users read'
Next by Date: Re: ACI's and 'by users read'
Index(es):
- Chronological
- Thread