Thanks, and what about the Java Console?
What I need is deliver a procedure using the console and not via command line.

Thanks a lot!

Il giorno 27/feb/2012, alle ore 13:25, Arpit Tolani ha scritto:

Hie

Hello,

can someone help me please about that?

Thanks

Hello All,

I would like to profile ACLs in order to let some users manage their own OU via Console.
Example:
-OUone | USERone, USERtwo, USERthree
-OUtwo | USERfour, USERfive
-OUthree | USERsix, USERseven, USEReight

In every OU I have many users, but I would like to give console access to one user x OU and let them manage their own OU without list and manage the other OUs.

USERone can add or remove users ONLY for OUone
USERfour can add or remove users ONLY for OUtwo
USERsix can add or remove users ONLY for OUthree

Thanks!!

Andrea


Below acl's will help you to achieve the same.

aci: (targetattr = "*") (target = "ldap:///ou=ouone,dc=example,dc=com") (versi
 on 3.0;acl "user_one";allow (all,proxy)(userdn = "ldap:///uid=userone,ou=Peo
 ple,dc=example,dc=com");)
aci: (targetattr = "*") (target = "ldap:///ou=outwo,dc=example,dc=com") (versi
 on 3.0;acl "user_four";allow (all)(userdn = "ldap:///uid=userfour,ou=People,
 dc=example,dc=com");)
aci: (targetattr = "*") (target = "ldap:///ou=outhree,dc=example,dc=com") (ver
 sion 3.0;acl "user_six";allow (all)(userdn = "ldap:///uid=usersix,ou=People,
 dc=example,dc=com");)

It says uid=userone,ou=People,dc=example,dc=com can write in ou=ouone,dc=example,dc=com
& uid=userfour,ou=People,dc=example,dc=com can write in ou=outwo,dc=example,dc=com
& uid=usersix,ou=People,dc=example,dc=com can write in ou=outhree,dc=example,dc=com

Example
# entry-id: 19
dn: uid=utest,ou=ouone,dc=example,dc=com
uid: utest
givenName: user
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
sn: test
cn: user test
userPassword: {MD5}4nmK8Sp6D09wtNae+8JfTQ==
creatorsName: uid=userone,ou=people,dc=example,dc=com <---------- created as per ACI
modifiersName: uid=userone,ou=people,dc=example,dc=com
createTimestamp: 20120227201512Z
modifyTimestamp: 20120227201512Z
nsUniqueId: ad0ee181-617f11e1-bd04f4a7-338b5e96


Regards
Arpit Tolani
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users



--
The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.