Thanks man, was searching down the wrong subtree :/, These are the two things I was doing wrong.
1.) I thought i need explicit access to entry and children attributes. 2.) I was searching in root DN and was expecting the accessible DNs to come in result, whereas access(search/read/write access) will also be needed.
finally pheww.. I spent one whole day trying to understand this :/
Regards, Mail: 8zero2.in@gmail.com Facebook: www.facebook.com/8zero2 Twitter: @8zero2_in Blog: blog.8zero2.in
On Wed, Sep 6, 2017 at 8:30 PM, Quanah Gibson-Mount quanah@symas.com wrote:
--On Wednesday, September 06, 2017 6:15 PM +0530 8zero2 operations < 8zero2ops@gmail.com> wrote:
So here is my scenario I have an ou of "user" and an ou of "Administrator"
now one user from administrator branch should be able to edit anything in user branch and the other user should only be able to read the branch "user", also I want userPassword to be visible to only Administrator which has write permissions.
I suggest reading up on the "entry" pseudo-attribute as documented in the slapd.access(5) man page.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com