Tomasz Lesniewski wrote: > I have ldap tree which i'm trying to migrate from 389-ds to openldap, with > structure like this: > > o=company > ou=admins > uid=admin1 > ... > dc=domain > ou=users > uid=user1 > service=service1 > ... > uid=user2 > service=service2 > > At uid=user1,ou=users,dc=domain,o=company there is admin entry (and no admin > entry in childrens) which points to uid=admin1,ou=admins,o=company. Now i want > to grant access to all entries below uid=user1,ou=users,dc=domain,o=company to > uid=admin1. In 389-ds it was easy, but in openldap it seems not easy to do. I > tried to use: > olcAccess: to dn.subtree="uid=*,ou=users,dc=domain,o=company" by dnattr="admin" > but it grant access only uid=user1,ou=users,dc=domain,o=company and for no > childrens access is granted. Maybe i'm doing something wrong or should i use > other functionality to solve this problem? Any help will be appreciate. Something similar: http://www.openldap.org/faq/data/cache/1005.html Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature