Hi
I have Openldap with samba, and some users. My users are part of ou=People,dc=mydomain,dc=com, like this, dn: uid=user1,ou=People,dc=mydomain,dc=com,
So i wanted some of my users to be able to administer a group of users and be able to create users, so a friend of mine recommended me to do the following, create a group like this
dn: cn=Admin Group1,cn=Admins,ou=People,dc=mydomain,dc=com, objectClass: groupOfNames objectClass: top cn: Admin Group1 member: uid=adming1,ou=People,dc=mydomain,dc=com,
and
dn: ou=Group1,ou=People,dc=mydomain,dc=com objectClass: organizationalUnit objectClass: top ou: U.A.A. Group1
the users of this "group" whould have to be
dn: uid=user1,ou=Group1,ou=People,dc=mydomain,dc=com,
And with and acl I give Admin Group1 users complete control over that ou.
So this seems to work. But I already have users that use my ldap, is it possible to change their dn, I am not clear on how to do this.
Thanks,
Juan Diego
Maybe, (do it with ldapmodify, fex.) dn: uid=user1,dc=tratata,dc=com changeType: modrdn newRDN: user2 deleteOldRDN: 1
???