[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL Question

To: Puneet Walia <waliaspuneet@hotmail.com>
Subject: Re: ACL Question
From: Pierangelo Masarati <masarati@aero.polimi.it>
Date: Thu, 18 Jul 2002 10:17:55 +0200
Cc: openldap-software@OpenLDAP.org, D.M.Lewney@sussex.ac.uk
Organization: Dipartimento di Ingegneria Aerospaziale
References: <F1104oVHyW2lSYgCSrl000187d0@hotmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020408

Puneet Walia wrote:

Hi all
I m using openldap 2.0.25
I m trying to create an ACL where one user is Administrator for the complete directory structure
for tha I have specified this
1)
access to *
      by self write
      by dn="cn=Manoj,ou=admin,o=HomeAppl" write
      by *  read
2) With the upper acl I have created a client
  which can create its own children node
access to dn=".*,(Client=.*,businessCat=Calls,o=HomeAppl)" attrs=children,entry by dn="$1" write by anonymous auth till this leve everythig is working fine i m able to create clients , and my clients futher are able to create its own user but when it comes to modify those users or add another node under those user , its not happening.

Can anybody tell me whats happening


by specifying attrs=children,entry you're implicitly denying
modify access to all the regular attributes of the entry; you're
allowing only the addition of an entry or of a child.

Pierangelo.

--
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
mailto:pierangelo.masarati@polimi.it  | fax:   +39 02 2399 8334
http://www.aero.polimi.it/~masarati
Dip. Ing. Aerospaziale Politecnico di Milano,
via La Masa 34, 20156 Milano, Italy

References:
- ACL Question
  - From: "Puneet Walia" <waliaspuneet@hotmail.com>

Prev by Date: Re: Slurpd Reconnect
Next by Date: Re: Residential and business addresses schema
Index(es):
- Chronological
- Thread