[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL: user who can just create but not delete entries

I'd like to create a special user ("cn=useradmin,dc=myorg,dc=com")
whose task would be creating new entries under "ou=people,dc=myorg,dc=com".

My problem is that useradmin will be used by a not completely trusted
Can I prevent useradmin from deleting or modifying entries under

Thank you very much for your help,