[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
realizing 4 eye principle - how?
I want to realize a 4 eye principle, i.e., one administrator can create
empty entries inside the LDAP tree but cannot set attributes; the other
one can fill already existing
entries with attribute values but cannot create new ones.
Is this possible with OpenLDAP 2.0.7?
I have looked at the access control stuff but to me it seems to be
impossible at the current state.
--
Heiko Nardmann (Dipl.-Ing.), h.nardmann@secunet.de, Software Development
secunet Security Networks AG - Sicherheit in Netzwerken
(www.secunet.de),
Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13, Fax : +49 271 48950-50