Jaap Winius <[email protected]> writes: > Hi all, > > Is it possible to define an ACL that gives a DN access to a particular > attribute in other DNs based on the value of one of its own attributes? > > For example, would it be possible to define an ACL that would allow a > DN with title=telephonemanager to update only the telephoneNumber > attribute of other DNs? In other words, the ACL would allow updates to > telephoneNumber, but only for search filter title=telephonemanager; a > simple a change of the title would result in the gain or loss of the > right to make such updates.
man slapd.access(5) http://www.openldap.org/faq/data/cache/429.html http://www.openldap.org/faq/data/cache/1133.html -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:8EF7B6C6 53°37'09,95"N 10°08'02,42"E
