Hi, > I've this estructure > > dc=empresa,dc=com > | > Dep1 > | > |---------User1 > |---------User11 > Dep2 > | > |---------User2 > |---------User22 > Dep3 > | > |---------User3 > |---------User33 > > > I want that User1 and User11 (users under Dep1) can only access to Dep1, > User1 and User11 data. --> Dep1 Subtree > I want that User2 and User22 (users under Dep2) can only access to Dep2, > User2 and User22 data. --> Dep2 Subtree > I want that User3 and User33 (users under Dep3) can only access to Dep3, > User3 and User33 data. --> Dep3 Subtree > > It's correct this ACL? Can't be more simple? > > #DEP1 ONLY ACCESS TO DEP1 > access to dn.subtree="ou=Dep1,dc=empresa,dc=com" > by dn.children="ou=Dep1,dc=empresa,dc=com" read > by anonymous auth > by * none > > #DEP2 ONLY ACCESS TO DEP2 > access to dn.subtree="ou=Dep2,dc=empresa,dc=com" > by dn.children="ou=Dep2,dc=empresa,dc=com" read > by anonymous auth > by * none > > #DEP3 ONLY ACCESS TO DEP3 > access to dn.subtree="ou=Dep3,dc=empresa,dc=com" > by dn.children="ou=Dep3,dc=empresa,dc=com" read > by anonymous auth > by * none > > #ADMIN > access to * > by dn="cn=admin,dc=empresa,dc=com" write > by anonymous auth > by * none > > > Thanks and bye. > > >

Hi, No I Don't.

> Isaac Gonzalez wrote: >> Hi, >>> I've this estructure >>> >>> dc=empresa,dc=com >>> | >>> Dep1 >>> | >>> |---------User1 >>> |---------User11 >>> Dep2 >>> | >>> |---------User2 >>> |---------User22 >>> Dep3 >>> | >>> |---------User3 >>> |---------User33 >>> >>> >>> I want that User1 and User11 (users under Dep1) can only access to >>> Dep1, >>> User1 and User11 data. --> Dep1 Subtree >>> I want that User2 and User22 (users under Dep2) can only access to >>> Dep2, >>> User2 and User22 data. --> Dep2 Subtree >>> I want that User3 and User33 (users under Dep3) can only access to >>> Dep3, >>> User3 and User33 data. --> Dep3 Subtree >>> >>> It's correct this ACL? Can't be more simple? >>> >>> #DEP1 ONLY ACCESS TO DEP1 >>> access to dn.subtree="ou=Dep1,dc=empresa,dc=com" >>> by dn.children="ou=Dep1,dc=empresa,dc=com" read >>> by anonymous auth >>> by * none >>> >>> #DEP2 ONLY ACCESS TO DEP2 >>> access to dn.subtree="ou=Dep2,dc=empresa,dc=com" >>> by dn.children="ou=Dep2,dc=empresa,dc=com" read >>> by anonymous auth >>> by * none >>> >>> #DEP3 ONLY ACCESS TO DEP3 >>> access to dn.subtree="ou=Dep3,dc=empresa,dc=com" >>> by dn.children="ou=Dep3,dc=empresa,dc=com" read >>> by anonymous auth >>> by * none >>> >>> #ADMIN >>> access to * >>> by dn="cn=admin,dc=empresa,dc=com" write >>> by anonymous auth >>> by * none >>> >>> >>> Thanks and bye. >>> >>> >>> > Have you resolved this? > > -- > Kind Regards, > > Gavin Henry. > Managing Director. > > T +44 (0) 1224 279484 > M +44 (0) 7930 323266 > F +44 (0) 1224 824887 > E ghenry(a)suretecsystems.com > > Open Source. Open Solutions(tm). > > http://www.suretecsystems.com/ >