30 Mar
2022
30 Mar
'22
6:01 a.m.
Hi. Is it possible to make admin Bob unable to edit accounts (delete, create, change passwords)created this year ? There is an idea to move them to a group or OU and give Bob the rights to write only there. Is there a more elegant solution ?
30 Mar
30 Mar
8:37 a.m.
beren beren wrote:
Hi. Is it possible to make admin Bob unable to edit accounts (delete, create, change passwords)created this year ? There is an idea to move them to a group or OU and give Bob the rights to write only there. Is there a more elegant solution ?
Sure, use a filter like (createTimestamp>=20220101000000) in the ACL.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
968
Age (days ago)
968
Last active (days ago)
openldap-technical@openldap.org
1 comments
2 participants
participants (2)
-
beren beren -
Howard Chu