Re: Fwd: REG: I thought I got the ACLs, but......

[8zero2 operations <8zero2ops@gmail.com>]

Thanks man, was searching down the wrong subtree :/, These are the two things I was doing wrong.

1.) I thought i need explicit access to entry and children attributes.

2.) I was searching in root DN and was expecting the accessible DNs to come in result, whereas access(search/read/write access) will also be needed.

finally pheww.. I spent one whole day trying to understand this :/ 

Regards,

Mail: 8zero2.in@gmail.com
Facebook: www.facebook.com/8zero2
Twitter: @8zero2_in
Blog: blog.8zero2.in

On Wed, Sep 6, 2017 at 8:30 PM, Quanah Gibson-Mount <quanah@symas.com> wrote:

--On Wednesday, September 06, 2017 6:15 PM +0530 8zero2 operations <8zero2ops@gmail.com> wrote:

So here is my scenario I have an ou of "user" and an ou of "Administrator"
now one user from administrator branch should be able to edit anything in
user branch and the other user should only be able to read the branch
"user", also I want userPassword to be visible to only Administrator
which has write permissions.

I suggest reading up on the "entry" pseudo-attribute as documented in the slapd.access(5) man page.

--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>