kurt Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
-## Copyright 1998-2003 The OpenLDAP Foundation.
+## Copyright 1998-2005 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
#######################################################################
authz-policy both
-authz-regexp "^uid=admin/([^,]+),.*" "ldap:///ou=Admin,dc=example,dc=com??sub?cn=$1"
-authz-regexp "^uid=it/([^,]+),.*" "ldap:///ou=People,dc=example,dc=it??sub?uid=$1"
-authz-regexp "^uid=(us/)*([^,]+),.*" "ldap:///ou=People,dc=example,dc=com??sub?uid=$2"
+authz-regexp "^uid=admin/([^,]+),.+" "ldap:///ou=Admin,dc=example,dc=com??sub?(cn=$1)"
+authz-regexp "^uid=it/([^,]+),.+" "ldap:///ou=People,dc=example,dc=it??sub?(uid=$1)"
+authz-regexp "^uid=(us/)?([^,]+),.+" "ldap:///ou=People,dc=example,dc=com??sub?(uid=$2)"
#
# normal installations should protect root dse,
idassert-authzFrom "dn.subtree:dc=example,dc=it"
overlay rwm
-suffixmassage "dc=example,dc=com"
+rwm-suffixmassage "dc=example,dc=com"
database ldap
suffix "o=Esempio,c=IT"
idassert-authzFrom "dn.exact:"
overlay rwm
-suffixmassage "dc=example,dc=com"
+rwm-suffixmassage "dc=example,dc=com"
access to attrs=entry,cn,sn,mail
by users read