[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
question about ACL's
Hi, all!
Lets suppose, that I have static groups(for example,
groupofuniquenames) with attribute 'owner', in which
listed cn of other static group.
dn: cn=group1,ou=groups,dc=root
objectclass: groupofuniquenames
uniquemeber: uid=u1,ou=people,dc=root
uniquemember: uid=u45, ou=people,dc=root
...
owner: cn=role1,ou=roles,dc=root
dn: cn=group2,ou=groups,dc=root
...
owner: cn=role5,ou=groups,dc=root
...
...
dn: cn=group56,ou=groups,dc=root
etc
dn: cn=role1,ou=roles,dc=root
objectclass: groupofuniquenames
uniquemember: uid=u345,ou=people,dc=root
etc
Is this possible to write ACL rule with current openldap , which will
give right to change attributes of users, who are members of group
to managers of that group(users, who are members of 'owner' group)?
--
Best regards, -- Eugeny.
You single-handedly fought your way into this hopeless mess.