[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-technical
Subject: Re: olcAccess rule with groupOfURLs
From: Howard Chu <hyc () symas ! com>
Date: 2023-06-09 15:19:39
Message-ID: 0bc76ebe-f2ec-5c4e-7471-08f5aa9c871a () symas ! com
[Download RAW message or body]
Quanah Gibson-Mount wrote:
>
>
> --On Thursday, June 8, 2023 8:54 PM +0200 Souji Thenria <mail@souji-thenria.net> wrote:
>
>> On 6/8/23 18:13, Howard Chu wrote:
>>>
>>> Just use by group=cn=foo,... write
>>>
>>
>> Thanks for the response.
>>
>> I tried to use group=... and group.exact=... without success.
>> The Administrator's Guide [1] says that group=... assumes that the
>> objectClass is "groupOfNames", and if I use another objectClass, I
>> should use:
>> by group/<objectclass>/<attributename>=<DN> <access>
>
>
> That is for static groups, not dynamic groups.
Irrelevant. The ACL engine supports both static and dynamic groups using the same syntax.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic