Hi, I'd like to create a special user ("cn=useradmin,dc=myorg,dc=com") whose task would be creating new entries under "ou=people,dc=myorg,dc=com".
My problem is that useradmin will be used by a not completely trusted application. Can I prevent useradmin from deleting or modifying entries under "ou=people,dc=myorg,dc=com"?
Thank you very much for your help, Stefano
"Stefano Zanmarchi" zanmarchi@gmail.com writes:
Hi, I'd like to create a special user ("cn=useradmin,dc=myorg,dc=com") whose task would be creating new entries under "ou=people,dc=myorg,dc=com".
My problem is that useradmin will be used by a not completely trusted application. Can I prevent useradmin from deleting or modifying entries under "ou=people,dc=myorg,dc=com"?
man slapd.access(5), search for 'priv access model'.
-Dieter
openldap-technical@openldap.org