Page created: 6 Nov 2019
|
Page updated: 25 Mar 2020
The targetfilter
keyword targets all attributes that match results
returned from a filter. The targetfilter
clause has the following
syntax:
(targetfilter = ldap_filter )
For example, the following clause targets all entries that contain "ou=engineering" attribue:
(targetfilter = "(ou=engineering)")
You can only specify a single filter, but that filter can contain multiple elements combined with the OR operator. The following clause targets all entries that contain "ou=engineering," "ou=accounting," and "ou=marketing."
(targetfilter = "(|(ou=engineering)(ou=accounting)(ou=marketing)")
The following example allows the user, uid=eng-mgr
, to modify the
departmentNumber
, cn
, and sn
attributes
for all entries that match the filter ou=engineering
.
aci:(targetfilter="(ou=engineering)") (targetattr="departmentNumber||cn||sn") (version 3.0; acl "example"; allow (write) userdn="ldap:///uid=eng-mgr,dc=example,dc=com";)