Hello everybody,
Is there a way to achieve what the subject says? For example, we can imagine users like:
uid=user,ou=people,dc=example,dc=com
And the group that I wish the users should be able to join using ldapmodify is:
cn=group,dc=example,dc=com.
What I wish to achieve is to let a user write in this dn, only the memberOf attribute, by containing only their specific dn. Moreover, the user will have to be able to remove this entry from this group if they wish, using ldapmodify again.
Thank you very much for your help in advance,
mamalos
On 08/04/2011 15:34, George Mamalakis wrote:
Hello everybody,
Is there a way to achieve what the subject says? For example, we can imagine users like:
uid=user,ou=people,dc=example,dc=com
And the group that I wish the users should be able to join using ldapmodify is:
cn=group,dc=example,dc=com.
What I wish to achieve is to let a user write in this dn, only the memberOf attribute, by containing only their specific dn. Moreover, the user will have to be able to remove this entry from this group if they wish, using ldapmodify again.
Thank you very much for your help in advance,
mamalos
Found it guys,
sorry for the disturbance, it's located in openldap's documentation, at the end of paragraph: http://www.openldap.org/doc/admin24/access-control.html#Access%20Control%20E...
Thanks again for your time,
On Fri, 8 Apr 2011, George Mamalakis wrote:
What I wish to achieve is to let a user write in this dn, only the memberOf attribute, by containing only their specific dn. Moreover, the user will have to be able to remove this entry from this group if they wish, using ldapmodify again.
OpenLDAP 2.4 Administrator's Guide, section 8.2.5.
On 11/04/2011 15:50, Aaron Richton wrote:
On Fri, 8 Apr 2011, George Mamalakis wrote:
What I wish to achieve is to let a user write in this dn, only the memberOf attribute, by containing only their specific dn. Moreover, the user will have to be able to remove this entry from this group if they wish, using ldapmodify again.
OpenLDAP 2.4 Administrator's Guide, section 8.2.5.
Thank you Aaron,
I also found this solution and sent an email to the list saying so, but my mail was rejected from openldap-technical due to my smtp server being listed in an RBL.
Thanks again your interest!
openldap-technical@openldap.org
-
Aaron Richton -
George Mamalakis