[Date Prev][Date Next]
Re: simple ACL requirement, grant access to modify myself and my sub entries, not sure how to do it
Hopefully someone will correct me if I'm wrong but as far as I'm aware
you cannot log in as an ou object.
I'd has setup and admin user for dn: ou=Support,o=Real Softservice eg:
then create an ACL like
access to dn.base="ou=Support,o=Real Softservice"
by dn.exact="cn=admin,ou=Support,o=Real Softservice" write
by * read
So when you login as cn=admin,ou=Support,o=Real Softservice you will
have access create / edit the full tree under ou=Support,o=Real
On 09/05/07, Zhang Weiwu <email@example.com> wrote:
Dear all. In my installation it's required if someone logs in, he can
modify his own entry and can modify & delete & create entries of his own
login as: dn: ou=Support,o=Real Softservice
Then I should be able to modify & delete & create:
dn: cn=Wang Penghui,ou=Suport,o=Real Softservice
dn: cn=Zhang Weiwu,ou=Suport,o=Real Softservice
dn: cn=Wolfgang Scheuing,ou=Suport,o=Real Softservice
Looks like a simple requirement. Anyway I dug into ACL manual for days
without a clue (maybe also because of my bad English). Can anyone
provide a hint and simplified example? Thanks a lot in advance!
+86 592 2091112