[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Inactivate a entry without deleting the entry.



I mean don't let it bind anymore.
Thanks pierangelo that helps.
 
 
 
 


Pierangelo Masarati <ando@sys-net.it> wrote:

> Is there a way in open ldap we will be able to inactivate a user entry
> without deleting it?

If you mean don't let it bind anymore, simply remove its password.
If you mean don't let it be accessed, hide it behind ACLs
Otherwise, rename (i.e. change its DN) into a subtree that holds
inactivated entries, e.g.

dn: cn=Someone,ou=People,dc=your,dc=org

=>

dn: cn=Someone,ou=Inactivated People,dc=your,dc=org

with

access to dn.children="ou=Inactivated People,dc=your,dc=org"
by dn.exact="cn=Admin,ou=People,dc=your,dc=org" write
by * none

p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam