[Date Prev][Date Next]
Access Control by Organizational Unit?
I would like to implement an ldap scheme so that each
department which is an organizational unit has a
person who can control the entries for their
department and no others.
By this I mean that that person will have the right to
add/delete/modify entries in their own ou only.
I am new at this, and somewhat confused. It seems
from some of the answers I have found in the list
archives suggest this is the case, and it seems so
from reading the docs, especially the Chapter 5 Access
Control section. But, I am a little confused by the
syntax there. I can find no "real-world" examples of
how to set this up in the /etc/openldap/slapd.conf
This is on a Fedora Core 1 system.
Does anyone have any examples of how to do this while
allowing the overall ldap-admin acces to all? Or a
pointer to some (any) examples?
Thanks in advance,
Do you Yahoo!?
SBC Yahoo! - Internet access at a great low price.