ldap acl question
- To: <OpenLDAP-software@OpenLDAP.org>
- Subject: ldap acl question
- From: Orosz Tamás <Tamas.Orosz@groupama.hu>
- Date: Sat, 24 Sep 2005 20:18:38 +0200
Dear all,
I've got a little ACL problem with OpenLDAP 2.2. My LDAP tree is very simple, like this:
dc=example,dc=tld
  +ou=A,dc=example,dc=tld
    +cn=postmaster,ou=A,dc=example,dc=tld
    +cn=user1,ou=A,dc=example,dc=tld
    +cn=user2,ou=A,dc=example,dc=tld
    +....
  +ou=B,dc=example,dc=tld
    +cn=postmaster,ou=B,dc=example,dc=tld
    +cn=user1,ou=B,dc=example,dc=tld
    +cn=user2,ou=B,dc=example,dc=tld
    +....
  +....
I want to set an ACL that allows the following:
- the postmaster can write all attributes, but only in its own OU
- when the postmaster binds to the LDAP server, it sees only its own OU as a "root DN" (like an "LDAP jail" :) )
Thanks for the help, and sorry for my bad English,
Best Regards,
Thomas