[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authenticated users can create new entries but then only creator can modify entry

To: Pierangelo Masarati <ando@sys-net.it>
Subject: Re: Authenticated users can create new entries but then only creator can modify entry
From: Michael StrÃder <michael@stroeder.com>
Date: Wed, 06 Aug 2008 12:37:27 +0200
Cc: Emmanuel Dreyfus <manu@netbsd.org>, openldap-software@openldap.org
In-reply-to: <29161238.6151218010574823.JavaMail.root@mail2.sys-net.it>
References: <29161238.6151218010574823.JavaMail.root@mail2.sys-net.it>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.16) Gecko/20080702 SeaMonkey/1.1.11

Pierangelo Masarati wrote:

----- "Emmanuel Dreyfus" <manu@netbsd.org> wrote:
Speaking about that: how to allow entry creation while maintaining constraints on what is being added? ie: if you want users to add entries, but not with a specific attribute set?
Currently, it's not possible. See <http://www.openldap.org/its?findid=4556> for details and a roadmap.

My first reaction was also DIT structure rules. But that's not what Emmanuel was asking for because DIT structure rules are limiting the use of structural object classes for *all* users (schema vs. access control).

Maybe Emmanuel could try to describe the particular use-case he has in mind a little bit more.

Ciao, Michael.

References:
- Re: Authenticated users can create new entries but then only creator can modify entry
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: Authenticated users can create new entries but then only creator can modify entry
Next by Date: Re: Building with MSYS/MinGW
Index(es):
- Chronological
- Thread