slapd.conf acl based on uniqueMember attribute
Hello,
So far I have searched the archives and existing documentation I can find,
but only find references to doing the inverse of what I need. Here's the
scenario:
I need to create 2 OUs (one for accounts and one for class roles). User
accounts follow the standard rfc2307 schema using posixAccount
objectclass. Class roles are represented by the groupOfNames objectclass.
I need to define an ACL in slapd.conf which allows the 'owner' attribute
value in the groupOfNames write access to the DNs specified by the
'member' attribute.
In basic terms:
access to "members of groupOfName"
by "owner of entry" write
Note that this is write access to the entries defined by the member DNs,
not the groupOfNames entry itself. That is easy.
Anyone got a suggestion?
Cheers, jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com
http://www.samba.org/ SAMBA Team jerry@samba.org
http://www.plainjoe.org/ jerry@plainjoe.org
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )