I have a quick query, I'm using
openldap with ppolicy. I'm using following ACL just to test things
right, I came across the issue, for which I'm unable to find appropriate
access to * by * manage
1. How to restrict ldappasswd command to clear the pwdReset flag to user's entry ?
Can some other users (member of group) can work rootdn (bypass ppolicy
like rootdn but it should apply to their account itself) ?
3. Other question is about ACL is "What's the difference between ACL "write" and "manage" access"
write =wrscdx needed to modify/rename
manage =mwrscdx needed to manage
I'm not able to determine what access "manage" gives over and above "write" access.
I didn't find much info at openldap.org