[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: allow admin group to write excluding specific users
----- "Stelios A." <stelios.a@gmail.com> wrote:
> No, i have seperated Groups like:
>
> dn: cn=IT,ou=Groups,dc=bca,dc=edu,dc=gr
> cn: IT
> objectClass: groupOfUniqueNames
> uniqueMember: cn=Some Name1,ou=Users,dc=mydomain,dc=edu,dc=com
> uniqueMember: cn=Some Name2,ou=Users,dc=mydomain,dc=edu,dc=com
>
> and all users under ou=Users,dc=mydomain,dc=edu,dc=com
OK, just grant one group write and not the other. Remember,
ACLs are accessed from top down. There are plenty of examples
on the FAQ:
http://www.openldap.org/faq/data/cache/52.html
Again, also read the man page.
Thanks.
--
Kind Regards,
Gavin Henry.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/