[Date Prev][Date Next] [Chronological] [Thread] [Top]

ou uid to add and delete accounts

To: <openldap-software@OpenLDAP.org>
Subject: ou uid to add and delete accounts
From: "Sean Doyle" <nydoyle723@cox.net>
Date: Sun, 18 Apr 2004 14:19:43 -0700
References: <Pine.LNX.4.58.0404171557580.18303@hephaestus.tor.primus.ca> <63035.81.72.89.40.1082312939.squirrel@webmail.sys-net.it> <Pine.LNX.4.58.0404181548040.17216@hephaestus.tor.primus.ca>

 I want to give a specific user in a OU to add and remove accounts without
access to other OU's. Keep getting insufficient error.

Here is a copy of the ACL.

access to dn="ou=red,dc=example,dc=com"
by dn="uid=redadmin,ou=red,dc=example,dc=com"
by self write
by users read

access to dn="ou=orange,dc=example,dc=com"
by dn="uid=orangeadmin,ou=orange,dc=example,dc=com"
by self write
by users read

access to dn="ou=blue,dc=example,dc=com"
by dn="uid=blueadmin,ou=blue,dc=example,dc=com"
by self write
by users read

access to dn="ou=green,dc=example,dc=com"
by dn="uid=greenadmin,ou=green,dc=example,dc=com"
by self write
by users read

acess to *
by self write
by users read
by anonymous auth

Thanks,
Sean

Follow-Ups:
- modification to first entry: ou uid to add and delete accounts
  - From: "Sean Doyle" <nydoyle723@cox.net>

References:
- Re: adding access control for replication user
  - From: "Robin M." <robin@primus.ca>
- Re: adding access control for replication user
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: adding access control for replication user
  - From: "Robin M." <robin@primus.ca>

Prev by Date: Re: SASL and Kerberos 5 (sasl-regexp)
Next by Date: Re: SASL and Kerberos 5 (sasl-regexp)
Index(es):
- Chronological
- Thread