[Date Prev][Date Next] [Chronological] [Thread] [Top]

question about ACL's

To: openldap-software@OpenLDAP.org
Subject: question about ACL's
From: Eugeny Korekin <az@ftc.ru>
Date: 01 Apr 2002 16:34:54 +0700
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.1

Hi, all!

Lets suppose, that I have static groups(for example,
groupofuniquenames) with attribute 'owner', in which
listed cn of other static group.

dn: cn=group1,ou=groups,dc=root
objectclass: groupofuniquenames
uniquemeber: uid=u1,ou=people,dc=root
uniquemember: uid=u45, ou=people,dc=root
...
owner: cn=role1,ou=roles,dc=root


dn: cn=group2,ou=groups,dc=root
...
owner: cn=role5,ou=groups,dc=root

...
...

dn: cn=group56,ou=groups,dc=root

etc

dn: cn=role1,ou=roles,dc=root
objectclass: groupofuniquenames
uniquemember: uid=u345,ou=people,dc=root

etc
 


Is this possible to write ACL rule with current openldap , which will
give right to change attributes of users, who are members of group
to managers of that group(users, who are members of 'owner' group)?


-- 
	Best regards, -- Eugeny.

You single-handedly fought your way into this hopeless mess.

Follow-Ups:
- Re: question about ACL's
  - From: Adam Williams <awilliam@whitemice.org>

Prev by Date: Storing references...
Next by Date: Re: newbie Qeustion on Preparing DNS for kerberos
Index(es):
- Chronological
- Thread