[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL help



Currently, we have the following acls:

defaultaccess   read

access          to attr=userpassword
                by self write
                by * none

access          to attr=manager,serial,title,isManager,actingUid,email
                by self write
                by dnattr=manager write
                by group="cn=OrgChart Admins,ou=web,ou=groups,o=Tivoli Systems" 
                   write

But this keeps people in the OrgChart Admins group from being able to create
new entries. Is it possible to set up an acl that will allow a group to add new
entries but only modify certain attributes of an entry that already exists?

-- 
Jason Bodnar + jbodnar@tivoli.com + Tivoli Systems

Homer:  All right, Herb.  I'll lend you the 2,000 bucks.  But you have
        to forgive me and treat me like a brother.

Herb:   Nope.

Homer:  All right, then, just give me the drinking bird.

                   Brother Can You Spare Two Dimes?