[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL troubles

To: OpenLDAP <openldap-software@openldap.org>
Subject: ACL troubles
From: Julien Garnier <julien.garnier@dr13.cnrs.fr>
Date: Fri, 28 Mar 2008 11:50:20 +0100
User-agent: Thunderbird 2.0.0.12 (Windows/20080213)

Hi,

I have some problems to configure my aACL's and hope someone can help me.

I want all my local subnet (A.A.A.x) have entire read acces, It's OK. I want some IP have acces only to one search : for example, I want that IP1 B.B.B.B can only do this search and that any other search return error : ldapsearch -x -b "ou=people,ou=compagnie,ou=com" "(ou=DIV1*)" -LLL

I don't find how to configure that.
I've tried :

access to dn.base=""
       by peername.regex="IP=A\.A\.A\..+" read
       by peername.regex="IP=127\.0\.0\.1" read
       by * none


access to dn.sub="ou=people,ou=compagnie,ou=com"
       filter=(ou=DIV1*)
       by peername.regex="IP=B\.B\.B\.B" read
       by * none

but dosn't work, I have an insufficient acces 50 error.

I anyone can help me...

Thanks in advance

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: ACL troubles
  - From: Jonathan Clarke <jclarke@linagora.com>
- Re: ACL troubles
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: Problems with openLDAP 2.3
Next by Date: Re: ACL troubles
Index(es):
- Chronological
- Thread