[Date Prev][Date Next] [Chronological] [Thread] [Top]

Two-level groups

To: <openldap-software@openldap.org>
Subject: Two-level groups
From: <Andris.Eiduks@tietoenator.com>
Date: Mon, 22 Jan 2007 14:26:16 +0200
Content-class: urn:content-classes:message
In-reply-to: <cb44e8370701212114i17b7857fy6ba87398cab25adb@mail.gmail.com>
Thread-index: Acc96A4+K6COCipvR1Kx5W5OlwJRRgANUZog
Thread-topic: Two-level groups

Hi, 

Can I use two lewel of groups for flexible rights sharing to users ?

Example :


dn: cn=test1, ou=grupas, ou=roles, ou=tm
objectClass: groupOfNames
description: 1 testa grupa
member: cn=test2,ou=grupas,ou=roles,ou=tm
cn: test1


dn: cn=test2, ou=grupas, ou=roles, ou=tm
objectClass: groupOfNames
description: 2 testa grupa
cn: test2
member: uid=eiduks,ou=users,ou=tm


dn: uid=eiduks, ou=users, ou=tm
userPassword:: ....
uid: eiduks
objectClass: inetOrgPerson
sn: Eiduks
cn: Andris Eiduks


access to
dn.exact="ou=mnuLinks,ou=mnuAMM,ou=ui,ou=cl,ou=components,ou=tm"
        by group="cn=test1,ou=grupas,ou=roles,ou=tm" read
        by * none



Or it is impossible ? 



Thanks in advance, 

Andris Eiduks

Follow-Ups:
- Re: Two-level groups
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- Re: How to only accept TLS connection on port 389
  - From: "Jean-Yves Avenard" <jyavenard@gmail.com>

Prev by Date: Re: How to only accept TLS connection on port 389
Next by Date: Re: OpenLDAP issues when connecting over SSL
Index(es):
- Chronological
- Thread