[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACL: write access allowed based on a user specific attribute

To: openldap-software@openldap.org
Subject: Re: ACL: write access allowed based on a user specific attribute
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Tue, 15 Jul 2008 17:07:42 +0200
In-reply-to: <8e97ea150807150117h3b18fc79g98440aa1a3dad36@mail.gmail.com> (Francois Marot's message of "Tue, 15 Jul 2008 10:17:31 +0200")
References: <8e97ea150807150117h3b18fc79g98440aa1a3dad36@mail.gmail.com>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

"Francois Marot" <francois.marot@gmail.com> writes:

> Hello all OpenLDAP users,
>
> I'm quite new to LDAP and I need to modify a currently existing LDAP database.
> There exist users in the database which can authentify, and I would like to add a
> specific parameter on some of those users to enable write access to them (for the
> moment they only have read access)
> For example I currently have 2 users:
>
> uid=user1,ou=Users,dc=myCompany,dc=fr
> uid=user2,ou=Users,dc=myCompany,dc=fr
>
> I changed my schema in order to be able to define an attribute admin="TRUE" on user1.
> Now, I would like that only user1 could change anything in the database, and not user2.
> How would I do that ?
> Is it possible to define an ACL based on the attribute of a DN ?

http://www.openldap.org/lists/openldap-software/200807/msg00085.html
http://www.openldap.org/lists/openldap-software/200807/msg00091.html

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E

References:
- ACL: write access allowed based on a user specific attribute
  - From: "Francois Marot" <francois.marot@gmail.com>

Prev by Date: ACL: write access allowed based on a user specific attribute
Next by Date: replication crashes 1 of 2 servers - after working for months
Index(es):
- Chronological
- Thread