[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SOLVED Re: Can I do this with OpenLDAP acls?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> access to attr=userPassword
> by self write
> by dnattr="masterAccount" write
> by * auth
Interesting.
But then again, you'd need to update all accounts if you wanted to add another
administrator. If you where using sets, or groups, you'd just add an
attribute in the new administators entry (sets) or add the new administrators
DN to the group (groups).
But it's a very interesting solution for some cases, especially where you have
some setup where an account can create a limited number of subaccounts that
are not directly under that account.
Good stuff!
_Ace
website: http://www.suares.nl * http://www.qwikzite.nl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iD8DBQFAgXI/y7boE8xtIjURAkdRAJ9qG4qIUQaj1M/6g/s0TmFREImikgCfUZ29
6P6Tr5bXQ55rUnFID0fxKII=
=Es/p
-----END PGP SIGNATURE-----