[389-users] ACI Confusion (New to 389 Came from OL):
Anthony Messina
amessina at messinet.com
Sat Jul 25 22:00:06 UTC 2009
On Saturday 25 July 2009 03:54:57 pm John A. Sullivan III wrote:
> Hmm . . . I've never used an ACI swapping attributes as your are (CN for
> UID) but I would think it should work. Out of curiosity, if you set the
> user's CN = UID and then rewrite the ACI to be ldap://($dn),....., does
> it work?
Thanks for giving a good stab at this, John. I tried just changing the "cn"
for a user without changing the dn to read cn=amessina... (currently,
eGroupWare expects it to read uid=amessina...) That did not work.
Is it to be expected, then, that one is not able to do something like:
target = ldap://some_attr=($dn)...
userdn = ldap://some_other_attr=($dn)... or
userdn = ldap://some_other_attr=[$dn]...
???
In short, does the ($dn) macro in the target HAVE TO match the whole portion
between the commas, like "uid=amessina" rather than just "amessina":
Can it do:
target = ldap://cn=($dn),ou=....
or must it be:
target = ldap://($dn),ou=...
> I'm eager to see what more knowledgeable folks have to say. Good luck -
> John
I'm thinking that I'll be using the ($attr) or userattr methods, but I'm not
sure how as the access is based on the tree structure, rather than attributes
of subcomponent entried:
+-ou=messinet.com,ou=egw,dc=messinet,dc=com
| |
| +-ou=accounts
| | +-uid=amessina
| | +-uid=...
| |
| +-ou=groups
| | +-cn=Default
| | +-cn=...
| |
| +ou=contacts
| |
| +-ou=shared
| | +-cn=default
| | +-cn=...
| |
| +-ou=personal
| +-cn=amessina
| +-cn=...
--
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20090725/bfc73bb4/attachment.sig>
More information about the Fedora-directory-users
mailing list