[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Subadmins using Groups ?



See http://www.openldap.org/faq/index.cgi?file=52

At 02:24 PM 4/14/2004, Carsten Zerbst wrote:
>Hello,
>
>I try to define subadmins in Organizations, something like
>
>dc=shincos.de
>        o=MTW
>        cn=Joe Superuser
>        cn=admin (uniqueMember= cn=Joe Superuser,o=MTW,dc=shincos.de)
>
>
>where Joe Superuser should be able to create and modify 
>entries below o=MTW.
>
>My acl says
>
>access to dn.regex="(.+),o=([^,]+),dc=shincos.de$"
>           attrs=children,entry,uid
>      by groupOfUniqueNames.regex="^cn=admin,o=$2,dc=shincos.de$" write
>      by users read
>
>but I could not edit the uid attribute on other users. If I
>remove the attrs line, I'm not even able to login in as
>Joe Superuser.
>
>Any hints ?
>
>Carsten 
>
>        
>-- 
>Carsten Zerbst <carsten.zerbst@atlantec-es.com>