> Hi All, > > I'm pretty sure that this isn't possible, but wanted to check as my > head hurts now.
I guess I'll need to re-work my DIT then to make this design sane. Thanks. > I have dynamic lists using slapo-dynlist with the Organization > attribute of 'o' and I am trying to keep my DIT as flat as possible. > > I want to create an ACL that is "by group", which is fine. But....I > don't want to hardcode a group. > > I want to "capture" o via a regex and use that in the "by group" like so: > > access to dn.subtree="ou=Users,dc=suretec,dc=co,dc=uk" > attrs=o > val.regex="(.+)" > attrs=children,entry > by group.expand="cn=$1,ou=Groups,dc=suretec,dc=co,dc=uk" read > by self write > > or something like the following using a previous capture: > > access to filter=(&(objectClass=inetOrgPerson)(o=$1)) > by > group/groupOfURLs/memberURL.expand="cn=$1,ou=Groups,dc=suretec,dc=co,dc=uk" > read > by self write > by * none > > Issue is you can't pass captures between "access by" statements and my > ACLs are flawed based on what you're searching for, which would be > perfect. The goal being users in the same group can only see users on > ou=Users of that group, with out hard coding group name in the conf. > > I guess I'll have to create branches to split up users. Then again, > I'm adding a group to ou=Groups, why shouldn't I at the same time add > a new ACL via cn=config? > > Cheers. > > -- > Kind Regards, > > Gavin Henry. > Managing Director. > > T +44 (0) 1224 279484 > M +44 (0) 7930 323266 > F +44 (0) 1224 824887 > E [email protected] > > Open Source. Open Solutions(tm). > > http://www.suretecsystems.com/ > > Suretec Systems is a limited company registered in Scotland. Registered > number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, > Aberdeenshire, AB51 8GL. > > Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html > > Do you know we have our own VoIP provider called SureVoIP? See > http://www.surevoip.co.uk > > Did you see our API? http://www.surevoip.co.uk/api -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E [email protected] Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk Did you see our API? http://www.surevoip.co.uk/api
