On 10/28/05, Samuel Tran <[EMAIL PROTECTED]> wrote: > On Fri, 2005-10-28 at 13:31 +0800, Feifei Jia wrote: > > On 10/28/05, Samuel Tran <[EMAIL PROTECTED]> wrote: > > > On Thu, 2005-10-27 at 10:12 +0800, Feifei Jia wrote: > > > > On 10/26/05, Samuel Tran <[EMAIL PROTECTED]> wrote: > > > > > On Wed, 2005-10-26 at 20:53 +0800, Feifei Jia wrote: > > > > > > Hi there, > > > > > > > > > > > > What I want to do is: > > > > > > > > > > > > Let the RDN under ou=Admin,dc=com have write permission to the RDN > > > > > > like uid=foo,ou=People,dc=com > > > > > > > > > > > > > > > > Do you want any entries in ou=Admin,dc=com to be able to write to any > > > > > entries in ou=People,dc=com? > > > > > > > > > > Sam > > > > > > > > > > > > > > > > > > Yes, that's exactly what I want to do. Could you tell me how to acheive > > > > this? > > > > > > Try this: > > > > > > access to dn.subtree="ou=People,dc=com" > > > by dn.one="ou=Admin,dc=com" write > > > > > > Sam > > > > > > > If I want to use regex to let DN like > > "uid=test,ou=Admin,dc=demo1,dc=com" can write to entries in > > "ou=People,dc=demo1,dc=com", and change "demo1" to "([^,]+)" , what > > should I do? It seems I cannot combine subtree with regex. > > > > According to man slapd.access, this should work for you: > > access to dn.regex="^(.+,)?ou=People,dc=([^,]+),dc=com$" > by dn.one,expand="ou=Admin,dc=$1,dc=com" > > Let me know if it is fine. > > Sam > >
It seems not work, only get "Insufficient access (50)" error :( Maybe "dn,one" is not a good choice? -- Thanks~
