[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Group administration ACL



On Fri, 6 Dec 2002, Stephen wrote:

> 
> dn: cn=Directory Administrators, ou=Groups, o=airius.com
> cn: Directory Administrators
> objectclass: top
> objectclass: groupofuniquenames
> ou: Groups
> uniquemember: uid=kvaughan, ou=People, o=airius.com
> uniquemember: uid=rdaugherty, ou=People, o=airius.com
> uniquemember: uid=hmiller, ou=People, o=airius.com
> 
> 
> The ACL commonly provided in slapd.conf is
>    access to attr=userPassword
>         by self write
>         by anonymous auth
>         by * none
> 
> So what would the ACL look like if access to userPassword was also 
> allowed for everyone in the LDAP groupofuniquenames "Directory 
> Administrators"?

I think this is either an FAQ or should be.
...
   by group/groupOfUniqueNames/uniquemember="cn=Directory Administrators, ou=Groups, o=airius.com" write

Regards
James Bourne

> Thank you.
> 
> Stephen

-- 
James Bourne, Supervisor Data Centre Operations
Mount Royal College, Calgary, AB, CA
www.mtroyal.ab.ca

******************************************************************************
This communication is intended for the use of the recipient to which it is
addressed, and may contain confidential, personal, and or privileged
information. Please contact the sender immediately if you are not the
intended recipient of this communication, and do not copy, distribute, or
take action relying on it. Any communication received in error, or
subsequent reply, should be deleted or destroyed.
******************************************************************************


"There are only 10 types of people in this world: those who
understand binary and those who don't."