[Date Prev][Date Next] [Chronological] [Thread] [Top]

Help with Acl`s..

To: OpenLDAP-software@OpenLDAP.org
Subject: Help with Acl`s..
From: Michael Fernández "M." <mfernandez@sernam.cl>
Date: Mon, 13 Feb 2006 12:45:03 -0300

Hi...

I have a problem with this.., and i need help..

i have the follow base:

o=organization
  ou=postfix
   ou=users
     cn=mailadmin
  ou=domain
    ou=accounts
    ou=aliases  

i have a user dn: cn=mailadmin,ou=users,ou=postfix,o=organization that
connects to the ldap by phpldapadmin

and i want this user can create accounts and alias, but _NOT_ delete any
ou.-

i tried with

access to dn.children="ou=domain,ou=accounts,ou=postfix,o=organization"
 attrs=Active,cn,quota,description,DynamicListMember,mail
 by dn.regex="cn=mailadmin,ou=users,ou=postfix,o=organization" write
 by * read

but this does not work at all, because i cannot modidy/create any
account and also i don´t see the attr: userpassword . However i cannot
delete the ou <<<< that`s works!!!!  the only thing.-


This is the only one and the admin ACl that i have.-

access to *
        by dn="cn=admin,o=organization" write
        by * read


I hope that somebody can help me.-

Thanks!!!

Prev by Date: migrating data from ldbm to bdb
Next by Date: Re: when send 'cancel' in persist sync mode ?
Index(es):
- Chronological
- Thread