[Date Prev][Date Next]
ACLs based on attributes?
Is it possible to define an ACL that gives a DN access to a particular
attribute in other DNs based on the value of one of its own attributes?
For example, would it be possible to define an ACL that would allow a
DN with title=telephonemanager to update only the telephoneNumber
attribute of other DNs? In other words, the ACL would allow updates to
telephoneNumber, but only for search filter title=telephonemanager; a
simple a change of the title would result in the gain or loss of the
right to make such updates.