[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-software
Subject: Re: Need some help with OpenLDAP rights
From: "Dieter Kluenter" <dieter () dkluenter ! de>
Date: 2010-01-31 8:27:54
Message-ID: 87pr4qllv9.fsf () rubin ! avci ! de
[Download RAW message or body]
"Guenter Knauf" <eflash@gmx.net> writes:
> Hi all, I have a relatively simple requirement to grant some OpenLDAP
> rights .... my OpenLDAP directory looks like that: root
> \
> ou=managers
> ou=webprojects
> \
> ou=groups
> ou=users
>
> now I need to grant full rights for users (InetOrgPerson) in
> ou=managers to ou=webprojects so that they can create/modify/delete
> users and groups in ou=groups,ou=webprojects and
> ou=users,ou=webprojects, also I would like to have users be able to
> modify their own entries. For a start I tried some settings in
> slapd.conf, f.e.:
>
> access to dn.base="" by * read
> access to dn.base="cn=Subschema" by * read
> access to dn.base="ou=webprojects" by users write
this should be
access to d.subtree="ou=webprojekts by users write
For more information see slapd.access(5)
-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53 °37'09,95"N
10 °08'02,42"E
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic