[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: DN design - yet another newbie question
At 02:51 PM 6/16/00 -0400, Bennett Samowich wrote:
>I have been told that it is good to keep the DN's as simple as
>possible. With this in mind, can the ACL/Security be set based on attributes?
Likely... depends on the server you're using. I suggest redirecting
your query to a forum specific to whatever server you are using.
If you're using OpenLDAP, please use openldap-software list.
>Some specifics about what I am trying to accomplish are:
>We have multiple geographic locations and want to allow managers the
>ability to change certain information for their subordinates only.
I would suggest using an attribute of an entry to hold the
DN of the manager and use this to grant access to entry.
>Also we
>want to ensure that people at one location only have limited access to the
>information about people at another location.
Depending on the server, this can be difficult to do without
creating subtrees for each location.