[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-software
Subject:    Re: adding openLDAPaci
From:       "Pierangelo Masarati" <ando () sys-net ! it>
Date:       2005-01-31 12:56:06
Message-ID: 54060.131.175.154.56.1107176166.squirrel () 131 ! 175 ! 154 ! 56
[Download RAW message or body]


>
> Using 2.2.23 compiled with --enable-aci.
> I need to add another openLDAPaci attribute to an entry with already
> existing openLDAPaci's.
>
> dn: cn=test,o=test,c=de
> OpenLDAPaci: 1#entry#grant;r,s,c;[all]#public#
> OpenLDAPaci: 1#entry#grant;w,s,c;[all]#group#cn=test2,o=test,c=de
> structuralObjectClass: inetOrgPerson
>
> When doing
>
> dn: cn=test,o=test,c=de
> changetype: modify
> add: openldapACI
> openldapACI: 1#entry#grant;w,s,c;[all]#group#cn=test3,o=test,c=de
>
> I get the response fron the slapd:
> ldap_modify: Inappropriate matching (18)
>          additional info: modify/add: OpenLDAPaci: no equality matching
> rule
>
> As far as I can see from the sources there is an EQUALITY filter
> 'OpenLDAPaciMatch'

No there isn't (RE22):

grep OpenLDAPaciMatch servers/slapd/schema_init.c
#define OpenLDAPaciMatch                        NULL

p.

-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

[prev in list] [next in list] [prev in thread] [next in thread]