Hi everybody
I have to solve one problem and I dont have chance to try live just on paper. Problem is
dn="cn=alonso,ou=drivers, ou=formula,dc=racing,dc=com"
dn="cn=root,dc=racing,dc=com"
In this situation, it is required that both the user “alonso” and the administrator of the directory database (whose name is “admin”) have administration capabilities over the “drivers” sections, while the rest of domain users can only read the objects of the section. Please write the access control list (in OpenLDAP configuration terms) that allows for that behavior.
It is this right???
access to dn.subtree"ou=drivers,ou=formula,dc=racing,dc=com"
by dn="cn=root,dc=racing,dc=com" write
by dn="cn=alonso,ou=drivers,ou=formula, dc=racing,dc=com" write
by * auth
by users read
Thanks
I have to solve one problem and I dont have chance to try live just on paper. Problem is
dn="cn=alonso,ou=drivers, ou=formula,dc=racing,dc=com"
dn="cn=root,dc=racing,dc=com"
In this situation, it is required that both the user “alonso” and the administrator of the directory database (whose name is “admin”) have administration capabilities over the “drivers” sections, while the rest of domain users can only read the objects of the section. Please write the access control list (in OpenLDAP configuration terms) that allows for that behavior.
It is this right???
access to dn.subtree"ou=drivers,ou=formula,dc=racing,dc=com"
by dn="cn=root,dc=racing,dc=com" write
by dn="cn=alonso,ou=drivers,ou=formula, dc=racing,dc=com" write
by * auth
by users read
Thanks
