No, i have seperated Groups like:
uniqueMember: cn=Some Name1,ou=Users,dc=mydomain,dc=edu,dc=com
uniqueMember: cn=Some Name2,ou=Users,dc=mydomain,dc=edu,dc=com
and all users under ou=Users,dc=mydomain,dc=edu,dc=com
2008/8/14 Gavin Henry <ghenry(a)openldap.org>:
Stelios A. wrote:
> I have a group called IT and another one called LDAP Admins. There are
> 5 users under IT and 2 under LDAP Admins.
> I'm looking for an acl where members of IT (groupOfUniqueNames) can
> modify/write anywhere under ou=Users.... apart from those users under
> the LDAP Admins group.
> Can anyone give me a help about this please.
> I've found only how to give access to IT group but not how to exclude
> LDAP Admins (2 in total) where those 2 exist also under IT group.
> Any ideas?
Your DIT sounds a bit messy. Do you have groups under ou=Users?
What is your design?
BTW, man slapd.access
OpenLDAP Engineering Team.
Community developed LDAP software.