--On Friday, December 23, 2016 11:16 AM +0100 Alberto Aldrigo alberto.aldrigo@h-farm.com wrote:

uid=user1 and uid=user6 are company1's administrators, so they can write in whole o=company1 subtree

Might be best to make an LDAP group with those users as members, and then write an ACL based off of that group for its specific privileges.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com