Viviano, Brad wrote: > Adjusting ACL's seems like overkill for this situation and I have to work within the bounds of what sssd offers. I'm doing this with sssd and it's definitely not overkill => there's no valid excuse to not learn about ACLs And it does not only work for applications/clients which support a custom name-your-favourite-vendor-specific-lock-attribute-here. If done right ACLs simply make entries invisible for sssd or *every* application integrated with your LDAP server. Ciao, Michael.
Description: S/MIME Cryptographic Signature