[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL question

To: OpenLDAP Software <openldap-software@OpenLDAP.org>
Subject: ACL question
From: Peter Choe <choepete@mindspring.com>
Date: Mon, 07 Aug 2000 16:45:37 -0400
References: <4.3.2.7.0.20000804230712.00b2ebb0@mail-server> <4.3.2.7.0.20000807112331.00b34b80@router.boolean.net>

i am trying to set up my ldap directory to allow the person to alter their own entries.

for example:

dn: cn=Peter Choe, o=myCompany, c=US
objectclass: person
mail: choepete@mindspring.com
phone: 555-5555
etc...

i have the follow ACI in my slapd.conf:
default read
access to dn="cn=Peter Choe, o=myCompany, c=US"
by self write

but when i try to modify something it says insufficient access.  as far as i can tell from
reading about ACL, this should allow the person to add and modify their own entrie (ie
change their attributes).  am i wrong thinking this?  how would i set it up to allow each
user to change their own entries?

i am using openLDAP1.2.10.

thanks for any help

Peter Choe

References:
- LDAP for Win-NT
  - From: "T.Subramanian" <t_subbu@yahoo.com>
- Re: LDAP for Win-NT
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: suddenly I can't find things....
Next by Date: Re: java API
Index(es):
- Chronological
- Thread