[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL question...

I don't get it. Can you please explain a bit?

If I create a group under a user with a list of member DN's from the LDAP tree, how do I use that access group to give access to those DN's to use personal addressbooks of that user.

Also, let's say this user creates multiple named personal addressbooks and he wants to give different kind of permissions to different users. How can I do this with this scheme?

Is there any good book that discusses these kind of strategies?


--- Kurt@OpenLDAP.org wrote

From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
To: Krishna Sivaramapuram <krishna@everyone.net>
Cc: openldap-software@OpenLDAP.org
Subject: Re: ACL question...
Date: Thu, 12 Jan 2006 19:43:27 -0800

At 05:59 PM 1/12/2006, Krishna Sivaramapuram wrote:
>How do I do this...
>I've an addressbook where I have users and their personal addressbook in the ldap tree. Let's say some user wants to give read access to one of his personal addressbook to a friend of his who is also on the tree. Basically I want the users of this addressbook to decide on access control for their part of the tree.
>How do I do this kind of Access control?

You can do this with groups, one per user that the user
can add members to.

>Is dynaACL (ACI) the only way to do this?