----- "Simon Victor" simon@victornet.de wrote:
Hi,
What about trying to modify/delete it with the noop control?
that is a good tip, thank you at all. i will try to implement this, but i think this is some kind of "hack" anyway. additionally i will check if a solution with the aci's is also possible.
googling around i've found a control named "effective rights": https://opends.dev.java.net/public/standards/draft-ietf-ldapext-acl-model.tx...
is this supported by openldap?
No. But there's this http://www.openldap.org/its/?findid=4730. It's a contrib overlay that provides some information about accessibility. As expected, the information it can gather is not guaranteed to be correct, it's a best guess. As I already said, the only possibility to determine access rights consists in trying.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------