[Date Prev][Date Next]
Re: How to create a directory admin group
On 01/05/13 12:27 +0100, Onno van der Straaten wrote:
How can I define a admin group for my directory? Currently I have one admin
account, the one that was created during installation, cn=Manager,
dc=my-domain, dc=com. I would like to create a group for example
cn=ldap-admins,dc=my-domain,dc=com and then make users member of this group
to grant them privilege to do admin work on the directory similar to
The admin account you reference is the rootdn, which has no ACL
I suppose I have to add access rules. But where and how I don't know.
Right. You'd create a group, and then configure your ACLs appropriately.
See section 8.4.4 of the OpenLDAP Administrator's Guide for an example, and
the slapd.access and slapacl manpages.