On 6 Oct 2005, at 10:07, Pierangelo Masarati wrote:
I guess you're using some ACL that performs "regex" patch on a pattern
computed using submatches;
Ahah. Well spotted :)
if this is the case, the second regex matching
interprets the brackets in the value as part of the pattern.
submatches
may need regex-escaping before being used in buildning patterns for
further regex matching, unless building submatch-dependent patterns is
intended.
A sample of your access rules would be of help.
access to dn.regex="cn=(.*),cn=(.*),ou=users,dc=foo" filter=
(visibility=private)
by dn.regex="cn=$2,ou=users,dc=foo" write
by * none
access to dn.regex="cn=(.*),cn=(.*),ou=users,dc=foo" filter=
(visibility=friends)
by dn.regex="cn=$2,ou=users,dc=foo" write
by group/gameUser/friend.expand="cn=$2,ou=users,dc=foo" read
by * none
access to dn.regex="cn=(.*),cn=(.*),ou=users,dc=foo" filter=
(visibility=public)
by dn.regex="cn=$2,ou=users,dc=foo" write
by * read
the key bits of custom schema...
objectClass ( 1.3.6.1.4.1.4203.666.20.5
NAME 'gameUser''
SUP organizationalRole STRUCTURAL
MUST ( cn )
MAY ( role $ friend $ tag $ reminder $ confirmed )
)
objectClass ( 1.3.6.1.4.1.4203.666.20.6
NAME 'userAttr'
SUP top STRUCTURAL
MUST ( cn $ value $ visibility )
)
