ACL
Hello all,
My problem is resolved now and I put my solution below.
Maybe we can find a shorter solution ... !?!
I want to thank all for helping me and particularly Emmanuel Jegou, Kurt D.
Zeilenga and Eric Brehier for spending time debugging my tests.

access to dn=".*ou=User,o=Right Vision" attr=userpassword
    by dn="cn=Fabrice,ou=Admin,o=Right Vision" write
    by dn="cn=Thierry,ou=Admin,o=Right Vision" write
    by * none

access to dn=".*ou=User,o=Right Vision"
    by dn="cn=Thierry,ou=Admin,o=Right Vision" write
    by dn="cn=Eric,ou=User,o=Right Vision" read
    by * none

access to dn=".*,o=Right Vision"
    by dn="cn=Fabrice,ou=Admin,o=Right Vision" write
    by * none

- The admin Fabrice has access to write and read all entries below "o=Right
Vision"
- The admin Thierry has access to write and read all entries below
"ou=User,o=Right Vision"
- The user Eric has access to read all entries below "ou=User,o=Right
Vision" but not the userpassword attribute
- The user Pascal has no access

Below are two examples of commands:

ldapsearch -D "cn=Eric,ou=User,o=Right Vision" -w ericpassword \
    -b "o=Right Vision" "objectclass=*"

ldapsearch -D "cn=Fabrice,ou=Admin,o=Right Vision" -w adminfabrice \
    -b "o=Right Vision" "objectclass=*"

Many thanks,
Fabrice
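
The order in which slapd evaluates the three access directives above can be traced with a small model; this is an added example, not part of the original message and not OpenLDAP code. It assumes unanchored, case-insensitive regex matching of DNs, and it does not model the rootdn (which bypasses ACLs) or the server's default access setting.

```python
import re

# The three access directives from the message, in file order.
# Each is (entry DN regex, attribute or None for all, [(who regex, level), ...]).
ACLS = [
    (r".*ou=User,o=Right Vision", "userpassword", [
        (r"cn=Fabrice,ou=Admin,o=Right Vision", "write"),
        (r"cn=Thierry,ou=Admin,o=Right Vision", "write"),
        ("*", "none")]),
    (r".*ou=User,o=Right Vision", None, [
        (r"cn=Thierry,ou=Admin,o=Right Vision", "write"),
        (r"cn=Eric,ou=User,o=Right Vision", "read"),
        ("*", "none")]),
    (r".*,o=Right Vision", None, [
        (r"cn=Fabrice,ou=Admin,o=Right Vision", "write"),
        ("*", "none")]),
]

def _match(pattern, dn):
    # Assumption: unanchored, case-insensitive regex match; "*" means anyone.
    return pattern == "*" or re.search(pattern, dn, re.IGNORECASE) is not None

def access(bind_dn, entry_dn, attr):
    """Return the level granted by the first matching directive and clause."""
    for what, what_attr, clauses in ACLS:
        if not _match(what, entry_dn):
            continue
        if what_attr is not None and what_attr.lower() != attr.lower():
            continue
        # slapd stops at the first directive whose <what> matches; later
        # directives are never consulted for this entry/attribute.
        for who, level in clauses:
            if _match(who, bind_dn):
                return level
        return "none"  # no <who> clause matched: implicit deny
    return "none"  # no directive matched: modelled as deny (assumption)

if __name__ == "__main__":
    # Constructed sample requests: (bind DN, target entry, attribute).
    target = "cn=Pascal,ou=User,o=Right Vision"
    for who in ("Fabrice,ou=Admin", "Thierry,ou=Admin", "Eric,ou=User"):
        bind = "cn=%s,o=Right Vision" % who
        for attr in ("cn", "userpassword"):
            print(bind, attr, "->", access(bind, target, attr))
```

In this model a bind DN that is not listed in the second directive falls to its `by * none` for ordinary attributes under ou=User, even when the third, broader directive grants that DN write, because the third directive is never reached for those entries.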