[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Select subtree with access filter
- To: openldap-technical@openldap.org
- Subject: Select subtree with access filter
- From: Torsten Rehn <torsten@rehn.tel>
- Date: Mon, 31 Aug 2009 12:33:02 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:subject:content-type :content-transfer-encoding; bh=nOHzxYqwTkKH6n/YM2INHp0rIkk2ofxKveqXNYLbI/I=; b=qgtNkVJOzi6K6BpU4Uk2fei4KzSFd1/M2L26yM7n5mOxHEmz2uyUjOtsu8I1kb3QN3 82dnbfThSr/kFTvAPkpDjQtc4JFgR5LUKCjwEJtlKkTTMeZXw29kp0kfd9x+tSxngDfw wtZ8mHfZuEy6yw5wEMe6ce68Au12o0ZiuOupA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=Jfmi8kybHv/R014x1d4xxVQKCczQeXsewO72P1M+IYec8lqG/6buYDwlPO3JpiPxnz zSCJViK8AHpZOCdQuMvsQILIXaAFfEo8KF8US30uIFe30IMrmQI0wfLylCh5aQrCxw+a oLcuHncN28OVpMytk1mQapNCPUyV3JTzIX5ts=
- User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.1) Gecko/20090715 Thunderbird/3.0b3
I have a number of objects scattered around my DIT that I want to
dynamically "tag" for access by a certain user by giving them a memberOf
attribute pointing to that user. Now here's the fun part: Is it possible
to also give that user access to the subtree starting at the "tagged"
object?
E.g. I have an office manager who manages a random number of rooms
around the building. I assign the rooms to him via memberOf, but the
rooms also have people in them that he should have access to.
For that I would need something like this:
access to filter.subtree="(memberOf=managerguy)" by managerguy read
Is there any way to do this today? Otherwise make it a feature request :)
--
Torsten Rehn