[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ldap
Subject:    [ldap] acl for nested groups
From:       Mikael <pub () grizzli ! org>
Date:       2005-10-21 12:53:55
Message-ID: 200510211453.55237.pub () grizzli ! org
[Download RAW message or body]

Hello,

In short, I'm trying to create an acl like this :
  by group=cn=*,ou=others,ou=workers,ou=groups,dc=mydomain" read

Im using openldap under debian sarge and I have created groups (ObjectClass 
groupOfNames) under a tree like :

ou=groups,...
ou=students,ou=groups,...
ou=workers,ou=groups,...
ou=teachers,ou=workers,ou=groups,...
ou=others,ou=workers,ou=groups,...

I can do an acl like this
access  to attr=mail
       by group=cn=tech,ou=others,ou=workers,ou=groups,dc=mydomain" read
       by * none

I've tried to create an acl like this :
       by group=cn=*,ou=others,ou=workers,ou=groups,dc=mydomain" read

But it doesn't work.

Any idea would be greatly appreciated,
Thanks in advance
-- 
Mikael

---
You are currently subscribed to ldap@umich.edu as: [ldap@progressive-comp.com]
To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the \
SUBJECT of the message.


[prev in list] [next in list] [prev in thread] [next in thread]