[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Adding ACLs dinamically ...
Is there any possibility to dinamically define ACLs ?
I mean:
- I have an LDAP directory with this structure:
dn: o=mycompany, c=uy
o: mycompany
objectclass: organization
dn: ou=ClientCompany1, o=mycompany, c=uy
ou: ClientCompany1
objectclass:organizationalUnit
dn: uid=CCompany1Manager, ou=ClientCompany1, o=mycompany, c=Uruguay
uid: CCompany1Manager
userpassword: xxxx
objectclass: person
cn: Nestor
sn: Onetto
mail: nestoro@adinet.com.uy
- I want to grant user CCompany1Manager in order he
can add, delete or modify entries only in:
ou=ClientCompany1, o=mycompany, c=uruguay
Then, I have to write the appropiate ACL in slapd.conf.
Ok, what's the question then ? Here we go:
What if I have an aplicattion that can create a new ClientCompany (let's say ClientCompany2)
with a new manager (let's say CCompany2Manger) ?
I'll be needing a new ACL in order to make resticcions
to this new user. So, How can I add this new ACL at the moment I am creating the
Organizational Unit and the Manager user for ClientCompany 2 ?
I think that:
- appending the new ACL to the slapd.conf,
- stopping ldapserver and starting again for "slapd"
to read the new configuration
is not an acceptable solution. That's why I asked:
"Is there any possibility to dinamically define ACLs ?"
at the very begining.
I would aprecciate your answers.
- Ernesto J. Burtre -
_______________________________________________________________________
Free Unlimited Internet Access! Try it now!
http://www.zdnet.com/downloads/altavista/index.html
_______________________________________________________________________