--On Thursday, July 01, 2010 8:48 AM -0700 Tim Gustafson tjg@soe.ucsc.edu wrote:
If you mean a normal user which application-wise is granted higher privileges by ACLs, you need to make use of the granular "a" (add) and "z" (zap) privileges (their union is "w", write).
Pardon my thickness, but the documentation at http://www.openldap.org/doc/admin24/access-control.html specifically calls out the possible values of the "level" part of the ACL clause:
<level> ::= none | disclose | auth | compare | search | read | write | manage
Is this an undocumented feature? Should perhaps the documentation be updated, or maybe an example of this sort of ACL included in the examples section?
I suggest you refer to the man page, which is always the end authority on documentation.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration