[Date Prev][Date Next] [Chronological] [Thread] [Top]

Cool Web / Shell Interfaces?

To: openldap-software@OpenLDAP.org
Subject: Cool Web / Shell Interfaces?
From: dannyman <dannyman@toldme.com>
Date: Fri, 16 Mar 2001 17:47:52 -0800
In-reply-to: <20010316162255.Y3500@dell.dannyland.org>; from dannyman@toldme.com on Fri, Mar 16, 2001 at 04:22:55PM -0800
References: <20010316162255.Y3500@dell.dannyland.org>

On Fri, Mar 16, 2001 at 04:22:55PM -0800, dannyman wrote:
> So, I'm laying out my schema, and it leads me to wonder, can I define an ACL
> that permits someone with a given relationship to an object permission to
> modify particular attributes of that object?
> 
> For example, if someone binds with the DN that corresponds to the DN listed
> for my manager attribute, they ought to be able to set, say, my title.

RTFM ...

Looks like this would be expressed something like:

access to attr=title
by dnattr=manager write

Anyone has opinions on what is the best we 2 ldap gateway?  web2ldap is this
wonky hard-to-compile python thing.  It's ugly, and I hate Python.  I know,
that's my problem.  web500gw seems a little more promising, but is quite an
experience to try and configure.  I also have no idea if it is under active
development or if its security is very trusted, and a few features seem
unimplemented.  I am tempted to hack something together, but prefer to not
re-invent the wheel if I can avoid it.

As an alternative, is there perhaps a useful LDAP shell client ... something
that you could interactively bind, run queries on, and edit attributes in in a
reasonably user-friendly manner?

Thanks,
-danny

-- 
http://dannyman.toldme.com/

Follow-Ups:
- Re: Cool Web / Shell Interfaces?
  - From: vlm@smarts-gsm.ru

References:
- Delegating ACLs to manager / secretary
  - From: dannyman <dannyman@toldme.com>

Prev by Date: RE: Active Directory users and groups lists
Next by Date: Re: can not parse LDIF file
Index(es):
- Chronological
- Thread