
ACL problem in OpenLDAP



Dear list,

I am really fed up and need your kind guidance to solve the problem.

I have OpenLDAP based addressbook. Users are located under
ou=users,virtualDomain=kolkata.opendingo.com,dc=suse,dc=ldap

Base DN of the personal addressbook:
ou=personal,ou=contacts,ou=contacts,virtualDomain=kolkata.opendingo.com,dc=suse,dc=ldap

I need an ACL such that only the owner can read his addressbook.

The ACL for this is

access to dn.regex="cn=([^,]+),ou=personal,ou=contacts,ou=contacts,virtualDomain=([^,]+),dc=suse,dc=ldap$"
  by dn.regex="uid=([^,]+),ou=users,virtualDomain=$2,dc=suse,dc=ldap"  read
  by users none

But all the users can see others' personal addressbooks. Kindly suggest
where I have made a mistake. Thanks for your kind support.
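
Added example, not part of the original post: a simplified Python model of how the regex ACL above is evaluated, showing that the `by dn.regex` clause as posted ties the reader only to the virtual domain (`$2`) and not to any owner. The sample DNs are constructed, and the `uid=` owner container in the second rule is a hypothetical layout, since the post does not say how an addressbook is linked to its owner.

```python
import re

SUFFIX = "dc=suse,dc=ldap"
BOOK = "ou=personal,ou=contacts,ou=contacts,virtualDomain=([^,]+)," + SUFFIX + "$"

# Rule as posted: target regex and who-clause template.
TARGET = r"cn=([^,]+)," + BOOK
WHO = r"uid=([^,]+),ou=users,virtualDomain=$2," + SUFFIX

# Hypothetical owner-bound variant (assumption: entries live under uid=<owner>).
TARGET_OWNED = r"uid=([^,]+)," + BOOK
WHO_OWNED = r"^uid=$1,ou=users,virtualDomain=$2," + SUFFIX + "$"


def expand(who, groups):
    """Substitute $1..$9 with the target's captures (escaped to match literally)."""
    return re.sub(r"\$(\d)", lambda m: re.escape(groups[int(m.group(1)) - 1]), who)


def may_read(target_re, who_tmpl, entry_dn, bind_dn):
    """True/False if the rule applies to entry_dn, None if it does not apply."""
    t = re.search(target_re, entry_dn, re.IGNORECASE)
    if t is None:
        return None
    who_re = expand(who_tmpl, t.groups())
    return re.search(who_re, bind_dn, re.IGNORECASE) is not None


# Constructed sample DNs.
DOM = "virtualDomain=kolkata.opendingo.com," + SUFFIX
ALICE = "uid=alice,ou=users," + DOM
BOB = "uid=bob,ou=users," + DOM
CAROL = "uid=carol,ou=users,virtualDomain=other.example," + SUFFIX
ENTRY = "cn=Some Contact,ou=personal,ou=contacts,ou=contacts," + DOM
ENTRY_OWNED = "cn=Some Contact,uid=alice,ou=personal,ou=contacts,ou=contacts," + DOM

if __name__ == "__main__":
    for name, dn in (("alice", ALICE), ("bob", BOB), ("carol", CAROL)):
        print(name,
              "posted:", may_read(TARGET, WHO, ENTRY, dn),
              "owner-bound:", may_read(TARGET_OWNED, WHO_OWNED, ENTRY_OWNED, dn))
```

In the posted rule the `uid=([^,]+)` in the `by` clause is a fresh wildcard, so every user in the same virtual domain gets `read`; only a back-reference to something captured from the target DN can restrict it to one identity.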