So, I'm laying out my schema, and it leads me to wonder, can I define an ACL that permits someone with a given relationship to an object permission to modify particular attributes of that object? For example, if someone binds with the DN that corresponds to the DN listed for my manager attribute, they ought to be able to set, say, my title. Thanks, -danny