[389-users] ACL Question
Ludwig Krispenz
lkrispen at redhat.com
Thu Jan 31 15:20:51 UTC 2013
Hi,
it is always difficult to talk about a single aci since access is
controlled by applying all exxising acis, and one aci can prevent the
effect of another one.
Also you're talking about hiding entries, but the aci you propose is
about allowwing access, so making entries visible to the group.
Could you provide more info on the tree and entries you have and whoc
should be able to do what. What do you mean by "only certain people" ?
Did you try some acis and it didn't work ?
Regards,
Ludwig
On 01/31/2013 12:35 PM, rayane karim wrote:
> Hi
> need to setup an acl restriction based on targetfilter like
>
> (targetattr = "*") (targetfilter= "(!(Affectation=testaff))") (version
> 3.0;acl "Student restriction Acl";allow (write)(groupdn =
> "ldap:///cn=Students Manager,ou=Groups,dc=example,dc=com");)
>
> this rule hide all the student branch
> ou=Students,ou=People,dc=lagh-univ,dc=dz
> on witch it is applied
>
> need to hide only certain people form student banch for cn=Students
> Manage
>
> pepole that havn't (Affectation=testaff) attribute
>
> thank's
>
>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20130131/53038787/attachment.html>
More information about the 389-users
mailing list