be DNs with regular expression characters in them. This means a
source rule like
-> authzTo: uid=[^,]*,dc=example,dc=com
+> authzTo: dn.regex=^uid=[^,]*,dc=example,dc=com$
would allow that authenticated user to authorize to any DN that
matches the regular expression pattern given. This regular expression