[Date Prev][Date Next]
Re: Letting Users Create Groups
> to prevent gidNumber duplicates you probably need slapo-unique.
That works well; here's my configuration:
> ACLs along these lines should do the rest:
> access to dn.exact="ou=group,dc=example" attrs=children
> by users write
> access to dn.sub="ou=group,dc=example" attrs=entry
> by users add
I already have this:
by set="this/manager & user" write
by * break
(My groups all have an additional objectClass, myGroup, which adds a manager, description, myStatus and myComment attribute to groups.)
Will the ACLs you propose break that? It doesn't look like they will; I just want to make sure.
Baskin School of Engineering
UC Santa Cruz