Hi,
it is always difficult to talk about a single aci since access is
controlled by applying all exxising acis, and one aci can prevent the
effect of another one.
Also you're talking about hiding entries, but the aci you propose is
about allowwing access, so making entries visible to the group.
Could you provide more info on the tree and entries you have and whoc
should be able to do what. What do you mean by "only certain people" ?
Did you try some acis and it didn't work ?
Regards,
Ludwig
On 01/31/2013 12:35 PM, rayane karim wrote:
Hi
need to setup an acl restriction based on targetfilter like
(targetattr = "*") (targetfilter= "(!(Affectation=testaff))")
(version
3.0;acl "Student restriction Acl";allow (write)(groupdn =
"ldap:///cn=Students Manager,ou=Groups,dc=example,dc=com");)
this rule hide all the student branch
ou=Students,ou=People,dc=lagh-univ,dc=dz
on witch it is applied
need to hide only certain people form student banch for cn=Students
Manage
pepole that havn't (Affectation=testaff) attribute
thank's
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users