It depends on how many user you have, were are the user-objects are located in your tree, there are not enough information to solve your problem. If the users are spread over the hole tree you need some kind of regex-ACLs Am 27.11.19 um 22:41 schrieb Marc Roos: > Can anyone help how I should make the acls that allows users[2] access > attributes of ldap entries[1] that have themselves listed in the > attribute value sendmailMTAMapValue > > Something like: > Access to children? ou=xxxx,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,dc=local > filter=(sendmailMTAMapValue=VAR1) attrs=sendmailMTAKey > by uid=VAR1,ou=yyyy,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,dc=local read > > > [1] > dn: > sendmailMTAKey=test@example.com,ou=xxxx,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa, > dc=local > objectClass: sendmailMTA > objectClass: sendmailMTAMap > objectClass: sendmailMTAMapObject > objectClass: ritAdditionalInfo > sendmailMTAMapName: virtuser > sendmailMTACluster: mail > sendmailMTAKey: test@example.com > sendmailMTAMapValue: testuser > > [2] > uid=testuser,ou=yyyy,ou=dddd,ou=cccc,dc=bbbb,dc=aaaa,dc=local > -- Stefan Kania Landweg 13 25693 St. Michaelisdonn Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter https://www.dgn.de/dgncert/index.html
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature