[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ACL to deny deletes but allow entry creation.
- To: openldap-software@openldap.org
- Subject: ACL to deny deletes but allow entry creation.
- From: Aravind Gottipati <aravind@freeshell.org>
- Date: Sat, 24 Apr 2010 16:40:36 -0700
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:sender:received:from:date :x-google-sender-auth:message-id:subject:to:content-type; bh=dFoTha0ULAYdtfEytBxooU2+d0MRjOnYW/QLqaUaIyY=; b=fsZNo2SWD7eMFYfnsgOcJ+h2uLpyhUYmSD7Q1JgaVcJbuUVn8iehJiNy1mZ7Nqka6r FBNql8AydUm5pcafnSK7yWxKEFHL9Id5p6OmDHsmCg177+a77AN2WJPq15gs/mrWFfcm p6dz6qSlRCV8VqwZKPGn+MI058+jNGJygpBo8=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type; b=Qi7zznQAD7nT/puL2//42ck2j5caiiaWoKk5NwfckC5OAKyj3QjF7oJ66LRlwyji06 Wkvaui3OJkMZG68djvjnb8770H2azHEoQPx8RQRT9gkUvV+UcxEfnbpaMPc5fRB9D5Mo zImtRHV++2Loud8ePHaBPNN+doTr/TLORWZmY=
Hi,
I am working on an application where we want to grant an admin account
the privileges to create new entries, but prevent any further changes
(or deletes) to the entry by the admin account. I have looked through
the docs and the faqs for this, and I am pretty sure that this is not
possible. The simile folks relate this with, is the ability to grant
insert privileges to an account in mysql, but restrict selects,
updates etc.. Before I tell the developers that this is not possible,
I wanted to check with you folks first. Have Any of you encountered
similar situations? How do others deal with cases like this?
Thanks in advance,
Aravind.