[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Inactivate a entry without deleting the entry.

To: <kpaxian25@yahoo.com>
Subject: Re: Inactivate a entry without deleting the entry.
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Fri, 19 Mar 2004 23:27:59 +0100 (CET)
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <20040319215600.27748.qmail@web21205.mail.yahoo.com>
References: <20040319215600.27748.qmail@web21205.mail.yahoo.com>

> Is there a way in open ldap  we will be able to inactivate a user entry
> without deleting it?

If you mean don't let it bind anymore, simply remove its password.
If you mean don't let it be accessed, hide it behind ACLs
Otherwise, rename (i.e. change its DN) into a subtree that holds
inactivated entries, e.g.

dn: cn=Someone,ou=People,dc=your,dc=org

=>

dn: cn=Someone,ou=Inactivated People,dc=your,dc=org

with

access to dn.children="ou=Inactivated People,dc=your,dc=org"
    by dn.exact="cn=Admin,ou=People,dc=your,dc=org" write
    by * none

p.
-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

Follow-Ups:
- Re: Inactivate a entry without deleting the entry.
  - From: Neo - <kpaxian25@yahoo.com>

References:
- Inactivate a entry without deleting the entry.
  - From: Neo - <kpaxian25@yahoo.com>

Prev by Date: openldap 2.2 on Windows
Next by Date: Re: Segmentation fault in OpenLDAP 2.1.25
Index(es):
- Chronological
- Thread