Hi, I am trying to grant users access to a ldap object when user/allowedDomain match the Mail object ou. To accomplish that I have to use set.regex and substring substitution, but I was not able to figure out what I am doing wrong.
This is the current ACL: access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$" by set="user/allowedDomain & this/ou" write result: ======= "ou=example.com,ou=Mail,o=example,c=BR" = write(=wrscxd) "mail=t...@example.com,ou=example.com,ou=Mail,o=example,c=BR" = 0 This is the ACL that I am trying to build. It was expecting both results as = write(=wrscxd), but I am getting only = 0. access to dn.regex="^(.+,)?ou=([^,]+),ou=Mail,o=example,c=BR$" by set.regex="user/allowedDomain & $2" write result: ======= "ou=example.com,ou=Mail,o=example,c=BR" = 0 "mail=t...@example.com,ou=example.com,ou=Mail,o=example,c=BR" = 0 Any ideas about what I should do for this to work? Thanks! Ronie