[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Admin Guide 5.3.5 needs an priv example (ITS#693)

At 05:38 PM 8/29/00 +0000, cedric@earthling.net wrote:
>Full_Name: Cedric Tefft
>Version: CVS
>OS: N/A
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (
>I am confused by Section 5.3.3 of the Admin Guide (CVS version from yesterday). 
>"The access to grant" section only mentions privileges once, but gives no
>examples other than the summary in the table.  My interpretation is that
>privileges can be specified instead of levels, so for instance if I wanted my
>users to be able to change their own password, but _not_ read it, I could
>specify a privilege level of 'wscx' (note the missing 'r').  An example which
>used privileges instead of levels would go a long way to clearing this up.  If I
>have misinterpreted what is written, then someone should consider rewording or
>expanding on the sentence "However, one may use the privledges specify to grant
>specific permissions." that appears near the top of section 5.3.3.

We need to add an "Advanced Access Controls' chapter.  The existing
examples is only meant to cover the common "level" based cases.  I
agree that this section needs clarification.