[Date Prev][Date Next] [Chronological] [Thread] [Top]

openLDAP Access Control mechanism


  I'm looking for ways to implement an openLDAP server in my company server
systems.  The story's long... so I won't do much explaining on why I will like
to use openLDAP.
  I've used Netscape Directory server.  The access control mechanism in the
server is extremely impressive.  Unfortunately, this is where openLDAP fails.

Note the following.  How many of you are currently using userpassword or some
other field in the server as the authentication means for binding a user.  I
am.  I'll like that only the user be able to authenticate him/herself and write
to it.

But look then at the access control level??... I quote...
Note that an access level implies all lesser access levels (eg. write access
implies read, search and compare).
Now in the organization, I dun think in terms of deployment, read access even
to self is a good idea for allowing access to.

I'll like to noe if there is any action on this, and if there are not any, I'll
be pretty disappointed...  Uhh... But I'm still an open source fan... die
hard... abet a disappointed one... So??

Lim Swee Tat
Software Engineer
National Computer Systems