[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: question about ACL's

To: Eugeny Korekin <az@ftc.ru>
Subject: Re: question about ACL's
From: Adam Williams <awilliam@whitemice.org>
Date: 01 Apr 2002 06:20:59 -0500
Cc: OpenLDAP Mailling List <openldap-software@OpenLDAP.org>
In-reply-to: <ypo1u1qv224h.fsf@reks.ftc.ru>
References: <ypo1u1qv224h.fsf@reks.ftc.ru>

>Hi, all!
>Lets suppose, that I have static groups(for example,
>groupofuniquenames) with attribute 'owner', in which
>listed cn of other static group.
>dn: cn=group1,ou=groups,dc=root
>objectclass: groupofuniquenames
>uniquemeber: uid=u1,ou=people,dc=root
>uniquemember: uid=u45, ou=people,dc=root
>...
>owner: cn=role1,ou=roles,dc=root
>Is this possible to write ACL rule with current openldap , which will
>give right to change attributes of users, who are members of group
>to managers of that group(users, who are members of 'owner' group)?

Certainly.  Look at the dnattr access directive.

References:
- question about ACL's
  - From: Eugeny Korekin <az@ftc.ru>

Prev by Date: Re: Storing references...
Next by Date: RE: Storing references...
Index(es):
- Chronological
- Thread