[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL's for admin users

To: "Aravind Arjunan" <aravind.arjunan@gmail.com>
Subject: Re: ACL's for admin users
From: "Almir Karic" <redduck666@gmail.com>
Date: Tue, 12 Aug 2008 15:58:37 +0200
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <551a84db0808120639v768a6290i7bd2e6149ff9b322@mail.gmail.com>
References: <551a84db0808120639v768a6290i7bd2e6149ff9b322@mail.gmail.com>

access to * filter=ou=india
  by my_india_admin write
  by * read


should do what you ask (chances are you'll have to create a separate
access line for sensible attributes, such as userPassword).


On Tue, Aug 12, 2008 at 3:39 PM, Aravind Arjunan
<aravind.arjunan@gmail.com> wrote:
> hi,
>
> In my openldap i created a OU called india
> under this ou there are many users and one administrator as admin.
> I want this admin user to add and modify the users details only in this ou.
> for that i need to set the access control list.
> Can any one plz help me how to set acl's for this case.
> Remaining users have only read only permissions.
>
> eg:
>
> ou=india
> cn=admin---administrator
> cn=sachin
> cn=rahul
> cn=saurav
> cn=anil
>
>
>
>
>



-- 
For far too long, power has been concentrated in the hands of "root"
and his "wheel" oligarchy. We have instituted a dictatorship of the
users. All system administration functions will be handled by the
People's Committee for Democratically Organizing the System (PC-DOS).

References:
- ACL's for admin users
  - From: "Aravind Arjunan" <aravind.arjunan@gmail.com>

Prev by Date: ACL's for admin users
Next by Date: Subject: Re: Help with authz-regexp mapping kerberos identity to dn --RAHUL
Index(es):
- Chronological
- Thread