targetfilter
The targetfilter
keyword targets all attributes that match results returned from a filter.
The targetfilter
clause has the following syntax.
(targetfilter = <ldap_filter>)
For example, the following clause targets all entries that contain the ou=engineering
attribute.
(targetfilter = "(ou=engineering)")
You can only specify a single filter, but that filter can contain multiple elements combined with the OR
operator. The following clause targets all entries that contain ou=engineering
, ou=accounting
, and ou=marketing
.
(targetfilter = "(|(ou=engineering)(ou=accounting)(ou=marketing)")
The following example allows the user, uid=eng-mgr
, to modify the departmentNumber
, cn
, and sn
attributes for all entries that match the filter ou=engineering
.
aci:(targetfilter="(ou=engineering)") (targetattr="departmentNumber||cn||sn") (version 3.0; acl "example"; allow (write) userdn="ldap:///uid=eng-mgr,dc=example,dc=com";)