Thanks, and what about the Java Console? What I need is deliver a procedure using the console and not via command line.
Thanks a lot!
Il giorno 27/feb/2012, alle ore 13:25, Arpit Tolani ha scritto:
Hie
Hello,
can someone help me please about that?
Thanks
________________________________
Hello All,
I would like to profile ACLs in order to let some users manage their own OU via Console. Example: -OUone | USERone, USERtwo, USERthree -OUtwo | USERfour, USERfive -OUthree | USERsix, USERseven, USEReight
In every OU I have many users, but I would like to give console access to one user x OU and let them manage their own OU without list and manage the other OUs.
USERone can add or remove users ONLY for OUone USERfour can add or remove users ONLY for OUtwo USERsix can add or remove users ONLY for OUthree
Thanks!!
Andrea
Below acl's will help you to achieve the same.
aci: (targetattr = "*") (target = "ldap:///ou=ouone,dc=example,dc=com") (versi on 3.0;acl "user_one";allow (all,proxy)(userdn = "ldap:///uid=userone,ou=Peo ple,dc=example,dc=com");) aci: (targetattr = "*") (target = "ldap:///ou=outwo,dc=example,dc=com") (versi on 3.0;acl "user_four";allow (all)(userdn = "ldap:///uid=userfour,ou=People, dc=example,dc=com");) aci: (targetattr = "*") (target = "ldap:///ou=outhree,dc=example,dc=com") (ver sion 3.0;acl "user_six";allow (all)(userdn = "ldap:///uid=usersix,ou=People, dc=example,dc=com");)
It says uid=userone,ou=People,dc=example,dc=com can write in ou=ouone,dc=example,dc=com & uid=userfour,ou=People,dc=example,dc=com can write in ou=outwo,dc=example,dc=com & uid=usersix,ou=People,dc=example,dc=com can write in ou=outhree,dc=example,dc=com
Example # entry-id: 19 dn: uid=utest,ou=ouone,dc=example,dc=com uid: utest givenName: user objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetorgperson sn: test cn: user test userPassword: {MD5}4nmK8Sp6D09wtNae+8JfTQ== creatorsName: uid=userone,ou=people,dc=example,dc=com <---------- created as per ACI modifiersName: uid=userone,ou=people,dc=example,dc=com createTimestamp: 20120227201512Z modifyTimestamp: 20120227201512Z nsUniqueId: ad0ee181-617f11e1-bd04f4a7-338b5e96
Regards Arpit Tolani -- 389 users mailing list 389-users@lists.fedoraproject.orgmailto:389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
________________________________
-- The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.