1 This directory contains native slapd plugins that implement access rules.
3 posixgroup.c contains a simple example that implements access control
4 based on posixGroup membership, loosely inspired by ITS#3849. It should
5 be made clear that this access control policy does not reflect any
6 standard track model of handling access control, and should be
7 essentially viewed as an illustration of the use of the dynamic
8 extension of access control within slapd.
10 To use the acl-posixgroup plugin, add:
12 moduleload acl-posixgroup.so
14 to your slapd configuration file; it requires "nis.schema" to be loaded.
15 It is configured using
18 by dynacl/posixGroup[.{exact,expand}]=<dnpat> {<level>|<priv(s)}
20 The default is "exact"; in case of "expand", "<dnpat>" results from
21 the expansion of submatches in the "<what>" portion. "<level>|<priv(s)>"
22 describe the level of privilege this rule can assume.
24 No Makefile is provided. Use a command line similar to:
26 gcc -shared -I../../../include -I../../../servers/slapd -Wall -g \
27 -o acl-posixgroup.so posixgroup.c
29 to compile the posixGroup ACL plugin.
32 Copyright 2005-2011 The OpenLDAP Foundation. All rights reserved.
34 Redistribution and use in source and binary forms, with or without
35 modification, are permitted only as authorized by the OpenLDAP