[Date Prev][Date Next] [Chronological] [Thread] [Top]

Access Control by Organizational Unit?

To: openldap-software@OpenLDAP.org
Subject: Access Control by Organizational Unit?
From: Heather Lockridge <heathlock1997@yahoo.com>
Date: Wed, 19 May 2004 04:43:08 -0700 (PDT)

I would like to implement an ldap scheme so that each
department which is an organizational unit has a
person who can control the entries for their
department and no others.  

By this I mean that that person will have the right to
add/delete/modify entries in their own ou only.

I am new at this, and somewhat confused.  It seems
from some of the answers I have found in the list
archives suggest this is the case, and it seems so
from reading the docs, especially the Chapter 5 Access
Control section.   But, I am a little confused by the
syntax there.  I can find no "real-world" examples of
how to set this up in the /etc/openldap/slapd.conf
configuration file.  

This is on a Fedora Core 1 system.

Does anyone have any examples of how to do this while
allowing the overall ldap-admin acces to all?  Or a
pointer to some (any) examples?

Thanks in advance,

HeatherL



	
		
__________________________________
Do you Yahoo!?
SBC Yahoo! - Internet access at a great low price.
http://promo.yahoo.com/sbc/

Follow-Ups:
- Re: Access Control by Organizational Unit?
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: Access Control by Organizational Unit?
  - From: Tony Earnshaw <tonye@billy.demon.nl>

Prev by Date: Re: LDAP_OPT_DESC
Next by Date: Re: Access Control by Organizational Unit?
Index(es):
- Chronological
- Thread