[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: giving access to write below a branch

To: User PeterPeter Choe <choepete@mindspring.com>
Subject: Re: giving access to write below a branch
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 24 Aug 2000 16:25:12 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <39A55812.66EC6C43@mindspring.com>

At 01:14 PM 8/24/00 -0400, User PeterPeter Choe wrote:
>if i have the following structure:
>
>
>                        o=myCompany
>                                |
>                                |
>                        ou=myDepartment, o=myCompany
>                              |                                |
>                              |                                |
>                        uid=empOne             uid=empTwo
>
>is there a way i can set up the acl so that someone can log in as
>ou=myDepartment,o=myCompany to add, modify or delete entries underneath?


access to "ou=myDepartment,o=myCompany" attr=children
        by self write
        by * none

access to ".*,ou=myDepartment,o=myCompany"
        by dn="ou=myDepartment,o=myCompany" write
        by * none

Additional what/who clauses may be necessary to fully implement
your access policy.

References:
- giving access to write below a branch
  - From: User PeterPeter Choe <choepete@mindspring.com>

Prev by Date: RE: TLS/SSL in OpenLDAP 2.0 gamma clients
Next by Date: RE: TLS/SSL in OpenLDAP 2.0 gamma clients
Index(es):
- Chronological
- Thread