
ACL question



Hello!
I am using openldap 2.2.14.
I would like to give a user the permission to write all the sub-entries of an
organisationUnit.
E.g. the Production Manager is allowed to maintain his team. Every team
member is allowed to write his own entry.

 		dc=example,dc=net (1)
			o=adressbuch (3)
				cn=Ohnewald Mario
				ou=produktion (3)
					cn=Arbeiter1
					cn=Arbeiter2
					cn=Produktions Leiter

## Auth
access to attr=userPassword
 by self write
 by anonymous auth

# maintenance access to entries and subtrees in produktion for Produktions Leiter
access to dn.subtree="ou=produktion,o=adressbuch,dc=example,dc=net"
 by dn="cn=Produktions Leiter,ou=produktion,o=adressbuch,dc=example,dc=net" write


## admin access
##self write permissions.
##Rest is none
access to *
 by dn="cn=Ohnewald Mario,o=adressbuch,dc=example,dc=net" write
 by self write
 by * none


I cannot even auth with this ACL and I am wondering what I am doing wrong
here.
Thanks, Mario
