[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
group acl permissions
hi everyone.
i'm trying to get to grips with acls on ldap, could someone glance over this snippet of config and tell me why my members in 'Account operators' are only being granted read permission to user attributes?
thanks!
access to dn.base="" by * read
access to dn.base="cn=Subschema" by * read
access to dn.onelevel="ou=Users,dc=student,dc=local" attrs=entry,@extensibleObject
by set="user/uid & [cn=Account Operators,ou=Groups,dc=student,dc=local]/memberUid" write
by * read
access to dn.base="ou=Users,dc=student,dc=local" attrs=children
by set="user/uid & [cn=Account Operators,ou=Groups,dc=student,dc=local]/memberUid" write
by * read
_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!