[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: access control, groups/organizationalRole
Frederik Bosch <frederik.bosch@gmail.com> writes:
> That's not what I mean, but thanks for your suggestion.
>
> Let me try to rephrase. Suppose I have an organizationalRole located
> in Amsterdam and Rotterdam. Now I only want to assign rights to all
> occupants of the organizationalRole located in Amsterdam.
>
> In xpath-like syntax, this would look like this.
>
> access to * by
> group/organizationalRole[@location="Amsterdam"]/roleOccupant read
>
> How do I need to rewrite this for slapd?
You may have a look at access control by sets.
http://www.openldap.org/faq/data/cache/1133.html
-Dieter
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6