I would like to know if it is possible to write an acl so that : a priviledge user can modify some fields ( shell, homeDirectory ) of users whose gidNumber matches the gidNumber of the priviledged user
Yes, it is possible. Look at the val.regex bits in slapd-access man page. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration