[Date Prev][Date Next] [Chronological] [Thread] [Top]

Another ACL Question

To: openldap-software@OpenLDAP.org
Subject: Another ACL Question
From: "Florian Preuß" <florian-preuss@gmx.net>
Date: Fri, 11 Feb 2005 09:54:56 +0100 (MET)

Following scenario: 
I have Users in different ous: 
ou=wop_eg,ou=de,ou=Users,dc=test,dc=net 
ou=wop,ou=de,ou=Users,dc=test,dc=net 
 
The user should be able to change its informations: 
access to dn.children="ou=de,ou=Users,dc=test,dc=net" 
       by self write 
       by users read 
access to dn.children="ou=wop_eg,ou=de,ou=Users,dc=test,dc=net" 
       by self write 
       by users read 
 
Doing this happens using GSSAPI and here is the problem. If I define 
sasl-regexp I can only do one of the ous. 
sasl-regexp     uid=(.*),cn=test.net,cn=gssapi,cn=auth 
                uid=$1,ou=wop_eg,ou=de,ou=Users,dc=test,dc=net 
 
So if a user of ou=wop tries to change it's informations, it doesn't work. 
Is there a possibility to do this for more than one ou? 

-- 
DSL Komplett von GMX +++ Supergünstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl

Prev by Date: RE: index_param failed on uniqueMember ?
Next by Date: Re: index_param failed on uniqueMember ?
Index(es):
- Chronological
- Thread