Let me Elaborate what I want to ask you.
Say, I have 2 project under People directory structure –
1. DICE and 2. IM.
Under ----DICE I have two users – Vinod and Sapna and
Under -----IM two users – shamim and Shreepath
Now What I did is I right clicked on DICE. > Set
Access Permission > New > Named ACI as “Access Control” > Added
user “Shamim” from IM(Coz I don’t want him to access DICE
project) > Rights(I dint selected any—completely unticked) > Target
(Target Directory EntryàSame entry
(ou=DICE,ou=People,dc=csse,dc=edu,dc=com)
> Host = 10.14.242.93 > time(Left unaltered)
The rule which was constructed :
(targetattr = "*") (target =
"ldap:///ou=DICE,ou=People, dc=csse,dc=edu,dc=com") (version 3.0;acl
"Acess rights for these users";deny (all)(userdn =
"ldap:///uid=shamim,ou=IM,ou=People, dc=csse,dc=edu,dc=com") and
(ip="10.14.242.93");)
Now It means that if it work fine…If I login as Shamim
in 10.14.242.93 it should not be able to throw any output as I run:
$pwd
/home/shamim
$getent passwd Vinod
An I right??????if not then what is the correct way to
implement this???
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.