Hello folks,
I have a quick query, I'm using openldap with ppolicy. I'm using following ACL just to test things right, I came across the issue, for which I'm unable to find appropriate answers:
ACL used:
--- access to * by * manage ---
1. How to restrict ldappasswd command to clear the pwdReset flag to user's entry ? 2. Can some other users (member of group) can work rootdn (bypass ppolicy like rootdn but it should apply to their account itself) ? 3. Other question is about ACL is "What's the difference between ACL "write" and "manage" access"
write =wrscdx needed to modify/rename manage =mwrscdx needed to manage
I'm not able to determine what access "manage" gives over and above "write" access. I didn't find much info at openldap.org access-control section.
Thank you.
Regards,