[Date Prev][Date Next] [Chronological] [Thread] [Top]

allow admin group to write excluding specific users


I have a group called IT and another one called LDAP Admins. There are
5 users under IT and 2 under LDAP Admins.
I'm looking for an acl where members of IT (groupOfUniqueNames) can
modify/write anywhere under ou=Users.... apart from those users under
the LDAP Admins group.
Can anyone give me a help about this please.

I've found only how to give access to IT group but not how to exclude
LDAP Admins (2 in total) where those 2 exist also under IT.