[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACLs based on attributes?

Hi all,

Is it possible to define an ACL that gives a DN access to a particular attribute in other DNs based on the value of one of its own attributes?

For example, would it be possible to define an ACL that would allow a DN with title=telephonemanager to update only the telephoneNumber attribute of other DNs? In other words, the ACL would allow updates to telephoneNumber, but only for search filter title=telephonemanager; a simple a change of the title would result in the gain or loss of the right to make such updates.