[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch by access rights?

To: openldap-software@OpenLDAP.org
Subject: Re: ldapsearch by access rights?
From: Piotr Wadas <pwadas@jewish.org.pl>
Date: Mon, 19 Apr 2004 14:32:07 +0200 (CEST)
In-reply-to: <33238.131.175.154.56.1082373973.squirrel@webmail.sys-net.it>

On Mon, 19 Apr 2004, Pierangelo Masarati wrote:

> 
> > Hello,
> > Using openldap 2.1.29/i386/bdb 4.52 (debian).
> >
> > Is it possible to do ldapsearch returning only entries I have write
> > access to, not all readable?
> 
> info about anyone's access.  I guess what you intend to do
> is discover if your ACLs are doing fine.  If this is the
Actually I'm trying to create web interface for editing ldap entries. But
users which are going to use this interface are dummy-users - they don't
know anything, as usually. So I need to create website, on which user will
log in (php_ldap), and then edit entries which "belongs" to them, I mean
which they can "administer". The simpliest would be just search for
entries they can write, and setup ACL's properly, however looks like I'd
have to find some other kind of search to retrieve only this entries which
"belongs" to them - adding some attribute or similar. I'll probably try
with setting ACI (aci) per entry, and after removing directoryUsage from
scheme, searching for entries which have username in OpenLDAPAci
attribute.. I'll see :) 
Regards Piotr.

Follow-Ups:
- Re: ldapsearch by access rights?
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: ldapsearch by access rights?
  - From: Michael Ströder <michael@stroeder.com>

References:
- Re: ldapsearch by access rights?
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: SASL library version mismatch
Next by Date: RE : RE : Log level and performances
Index(es):
- Chronological
- Thread