On 5/14/07, Jeronimo Zucco <[EMAIL PROTECTED]> wrote:
    Hi list.

    I'm using OpenLDAP 2.3.35 for my mail user database, and I have this
structure:

uid=user1,ou=People,dc=domain,dc=br

ou=ImpPrefs,uid=user1,ou=People,dc=domain,dc=br

cn=user1,ou=PersonalAddressBook,dc=domain,dc=br


I tried to make ACLs to permit just "self" users to write in their ImpPrefs
and PersonalAddressBook, without success.

I did not find many examples of ACLs with regex. I tried this:


access  to dn="^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br"
        by dn="uid=$1,$2,ou=People,dc=domain,dc=br"        write
        by *                                            none


but this gives me an error.


Hi Jeronimo,

Please try this:

access to dn.regex="^ou=ImpPrefs,uid=([^,]+),ou=People,dc=domain,dc=br$" attrs=children
     by dn.regex,expand="uid=$1,ou=people,dc=domain,dc=br" write
     by * none

access to dn.regex="^cn=([^,]+),ou=PersonalAddressBook,dc=domain,dc=br$" attrs=children
     by dn.regex,expand="uid=$1,ou=people,dc=domain,dc=br" write
     by * none

Sam
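
A small model of how the two rules in the reply above are evaluated, added here as an example and not part of the original thread. Python's `re` stands in for slapd's regex engine, and case-insensitive, unanchored matching of the expanded `by` value is an assumption of the model; the function names are hypothetical.

```python
import re

# Rules from the reply above: (target DN regex, "by" DN regex with $1).
RULES = [
    (r"^ou=ImpPrefs,uid=([^,]+),ou=People,dc=domain,dc=br$",
     "uid=$1,ou=people,dc=domain,dc=br"),
    (r"^cn=([^,]+),ou=PersonalAddressBook,dc=domain,dc=br$",
     "uid=$1,ou=people,dc=domain,dc=br"),
]

# Pattern from the original question, kept for comparison.
QUESTION_PATTERN = r"^.*,uid=([^,]+),(.*),ou=People,dc=domain,dc=br"


def expand(template, match):
    """Replace $1..$9 with the groups captured from the target DN."""
    return re.sub(r"\$(\d)", lambda m: match.group(int(m.group(1))), template)


def access(target_dn, bind_dn, rules=RULES):
    """Return 'write' or 'none' from the first rule whose target matches."""
    for target_re, who_re in rules:
        m = re.search(target_re, target_dn, re.IGNORECASE)
        if m is None:
            continue
        # Assumption: the expanded "by" value is searched as a regex.
        if re.search(expand(who_re, m), bind_dn, re.IGNORECASE):
            return "write"
        return "none"  # by * none
    return "none"  # model only: nothing matched, so deny


def question_pattern_matches(target_dn):
    """True if the pattern from the question matches the target DN."""
    return re.search(QUESTION_PATTERN, target_dn, re.IGNORECASE) is not None


if __name__ == "__main__":
    # Constructed sample DNs following the structure in the question.
    prefs = "ou=ImpPrefs,uid=user1,ou=People,dc=domain,dc=br"
    book = "cn=user1,ou=PersonalAddressBook,dc=domain,dc=br"
    for bind in ("uid=user1,ou=People,dc=domain,dc=br",
                 "uid=user2,ou=People,dc=domain,dc=br"):
        print(bind, access(prefs, bind), access(book, bind))
    print("question pattern matches:", question_pattern_matches(prefs))
```

Both target patterns are anchored and limited to `attrs=children`, so they cover only the container entries themselves; entries created below them are matched by other ACLs.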
