Commit 56258f75 authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

more on ITS#4253

parent 93d0ef91
......@@ -33,6 +33,16 @@ cn: John Doe
dn: cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com
cn: Jonathon Doe
dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
=com
cn: Bjorn Jensen
cn: Biiff Jensen
dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
dc=com
cn: Barbara Jensen
cn: Babs Jensen
# Using ldapsearch to retrieve all the entries...
dn: ou=Add & Delete,dc=example,dc=com
objectClass: organizationalUnit
......@@ -113,8 +123,6 @@ telephoneNumber: +1 313 555 9022
dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
=com
objectClass: OpenLDAPperson
cn: Bjorn Jensen
cn: Biiff Jensen
sn: Jensen
uid: bjorn
seeAlso: cn=All Staff,ou=Groups,dc=example,dc=com
......
......@@ -78,12 +78,12 @@ access to dn.exact="cn=Mark Elliot,ou=Alumni Association,ou=People,dc=example,d
by * search
access to dn.exact="cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com"
attrs=cn val.regex="^John D.*"
attrs=cn val.regex="^John D.+"
by dn="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
by * break
access to dn.exact="cn=John Doe,ou=Information Technology Division,ou=People,dc=example,dc=com"
attrs=cn val.regex="^Jonath.*"
attrs=cn val.regex="^Jonath.+"
by dn="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
by * break
......@@ -91,6 +91,17 @@ access to dn.exact="cn=John Doe,ou=Information Technology Division,ou=People,dc
attrs=cn
by * search
access to dn.onelevel="ou=Information Technology Division,ou=People,dc=example,dc=com"
filter="(cn=*Jensen)"
attrs=cn val.regex=".*Jensen$"
by dn="cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
by dn="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" read
by * break
access to dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
attrs=cn
by * search
access to dn.children="ou=Alumni Association,ou=People,dc=example,dc=com"
by dn.regex=".+,dc=example,dc=com" +c continue
by dn.subtree="dc=example,dc=com" +rs continue
......
......@@ -96,6 +96,13 @@ $LDAPSEARCH -h $LOCALHOST -p $PORT1 \
-D "$BJORNSDN" -w bjorn \
-b "$JOHNDDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
$LDAPSEARCH -h $LOCALHOST -p $PORT1 \
-D "$BABSDN" -w bjensen \
-b "$BJORNSDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
$LDAPSEARCH -h $LOCALHOST -p $PORT1 \
-D "$BJORNSDN" -w bjorn \
-b "$BABSDN" -s base "(objectclass=*)" cn >> $SEARCHOUT 2>&1
#
# Check group access. Try to modify Babs' entry. Two attempts:
# 1) bound as "James A Jones 1" - should fail
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment