[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: having more privileged users



Prune wrote:

> What I want, in fact, is having a user un the 'rootdn', not in a special
> domain.
> I don't want to have to create the user for each domain.
> So, the best would be :
>
> cn=new_privileged_user, dc=domain, dc=net
>
> and not something in :
> cn=superuser, ou=users, ou=domain, dc=domain, dc=net
>
> understand ?
> is this possible ?

Sure. The point is that you are giving the privileges you need
to a normal user. These privileges are enforced in a soft manner,
that is by means of the normal functionalities of the server
and not by means of magic tricks like for rootdn. In principle,
you should eliminate hte rootdn directive as soon as your database
is initialized (you don't even need it if you start the database with
slapadd.

Pierangelo.

--
Dr. Pierangelo Masarati               | voice: +39 02 2399 8309
Dip. Ing. Aerospaziale                | fax:   +39 02 2399 8334
Politecnico di Milano                 | mailto:masarati@aero.polimi.it
via La Masa 34, 20156 Milano, Italy   | http://www.aero.polimi.it/~masarati