[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticated users can create new entries but then only creator can modify entry

Pierangelo Masarati wrote:
----- "Emmanuel Dreyfus" <manu@netbsd.org> wrote:
Speaking about that: how to allow entry creation while maintaining constraints on what is being added? ie: if you want users to add
entries, but not with a specific attribute set?

Currently, it's not possible. See <http://www.openldap.org/its?findid=4556> for details and a roadmap.

My first reaction was also DIT structure rules. But that's not what Emmanuel was asking for because DIT structure rules are limiting the use of structural object classes for *all* users (schema vs. access control).

Maybe Emmanuel could try to describe the particular use-case he has in mind a little bit more.

Ciao, Michael.