[Date Prev][Date Next] [Chronological] [Thread] [Top]

restric access to a group


I'd like to give write permission to a group (GroupOfUniquenames).

For example, in my slapd.conf :

defaultaccess	none

access to dn=ou=prem,ou=Pers,dc=univ-nancy2,dc=fr
         by dn="uid=toto,ou=people,ou=pers,dc=univ-nancy2,dc=fr" write
         by group="cn=group1,ou=groups,ou=pers,dc=univ-nancy2,dc=fr" write
         by * read

Here is the group :
dn: cn=Group1,ou=Groups,ou=Pers,dc=univ-nancy2,dc=fr
cn: Group1
objectClass: top
objectClass: groupOfUniqueNames
uniqueMember: uid=titi,ou=People,ou=Pers,dc=univ-nancy2,dc=fr

I can write in ou=prem,ou=Pers,dc=univ-nancy2,dc=fr if I bind with the uid toto, but I can't write if I bind with the uid titi (ldap_add: Insufficient access,   additional info: no write access to parent).                                       

How can I do that?


Vincent MATHIEU                 
CRI - Universite NANCY 2            | Email : Vincent.Mathieu@univ-nancy2.fr
Pole Lorrain de Gestion             | Tel   : (33)
13, Rue Michel Ney - C.O. 75        | Fax   : (33)
54013 Nancy Cedex.   FRANCE