[Date Prev][Date Next] [Chronological] [Thread] [Top]

Access control for multiple admins

To: openldap-technical@openldap.org
Subject: Access control for multiple admins
From: Luiz Marcelo <85marcelo@gmail.com>
Date: Fri, 09 Jul 2010 18:15:25 -0300
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:content-type :content-transfer-encoding; bh=GqAlKUGeOE+vgSw5uDl8VzAT2cVLXwKiZQ+pjjZ6JL8=; b=qF0Gb13L0lRX3iHFnnExMqKWF+vs/04Wc/g61MGyvHOojbvToTdava9s2tbD7kbQcI fRrKNV5QSQ93KX/uJz4A6hPVUZXFTtsRdmMYqt/6h7M8heR1/h352cJfmPd66slTJqQX P311dRlWuKM7jzqwhSXjklXu02mM8teV7WMCg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=LhdFF+1mEEnbJiItwbGnapcBfaOhHnZagMFm8iFbXw5LXvF0+MmDEHJkLhCoZ4FK91 AN43BF3azWdLisIBHYeqTjBYFDFNIqB3qLuk5wZrR9PEDbENfDg9QVibhjUII4QeTF+X 2ZmoTK+KJ8UlYcWvErBgADIfmlkEIkM9HMQ8o=
User-agent: Mozilla/5.0 (X11; U; Linux i686; pt-BR; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4

Hello everyone!

Good, I have a scenario where two directors write on the same basis, eg

"cn=admin1,dc=domain,dc=com" and
"cn=admin2,dc =domain,dc=com"

In a general scope, both have written permission from the base. However,
assuming the user admin1 adds the entry:
"uid=john,ou=people,dc=domain,dc=com", only the admin1 user can modify
this entry, so each admin should only modify their own entries created
in any part of the base.

Someone would have any idea how I could create an access control list
for this

Thanks!

Follow-Ups:
- Re: Access control for multiple admins
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: Segmentation Fault
Next by Date: Re: LDAP Master hangs from time to time
Index(es):
- Chronological
- Thread