
how to set up ACL to delete entry



Hi,

I've created a group "cn=accountadmin,ou=group,dc=company,dc=com" with
member:
member: uid=acadmin,ou=people,dc=company,dc=com

Bound as uid=acadmin, I'm unable to delete any user under
"uid=*,ou=people,dc=company,dc=com". It says insufficient access. What
changes/additions should I make to allow user deletion by user uid=acadmin?

Please see below my ACL.

PS: Is it valid to have 2 "by group=" in the same access directive?

Thanks.

defaultaccess none

access to attr=userpassword
 by self write
 by group="cn=administrators,ou=group,dc=company,dc=com" write
 by * none

access to dn=".*,ou=people,dc=company,dc=com"
 by self write
 by group="cn=administrators,ou=group,dc=company,dc=com" write
 by group="cn=accountadmin,ou=group,dc=company,dc=com" write <-- valid to have 2 "by group"?
 by dn=".*,ou=people,dc=com,dc=com" read
 by * none

access to dn=".*,dc=company,dc=com"
 by group="cn=administrators,ou=group,dc=company,dc=com," write
 by * none