Quanah Gibson-Mount wrote: > > > --On Thursday, June 8, 2023 8:54 PM +0200 Souji Thenria > <m...@souji-thenria.net> wrote: > >> On 6/8/23 18:13, Howard Chu wrote: >>> >>> Just use by group=cn=foo,... write >>> >> >> Thanks for the response. >> >> I tried to use group=... and group.exact=... without success. >> The Administrator's Guide [1] says that group=... assumes that the >> objectClass is "groupOfNames", and if I use another objectClass, I >> should use: >> by group/<objectclass>/<attributename>=<DN> <access> > > > That is for static groups, not dynamic groups.
Irrelevant. The ACL engine supports both static and dynamic groups using the same syntax. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
