[Date Prev][Date Next] [Chronological] [Thread] [Top]

Allowing an entry the full ability on a group/ou


I want a user, call them guestadmin, who can authenticate
and be able to create other users entries in ldap only for
the group guest. I want this guestadmin to have full access
to be able to do this. Yet, at the same time I do not want
them to have any more than normal user authentication for
other entries as dictated by normal access rules. Basically,
they would be like the root admin, but only able to create/
delete/modify entries in the guest group.

This looks like it needs to be another base. If so, can you
have more than one base on the same server? I haven't found
any doc. on that yet?