Let me Elaborate what I want to ask you.

 

Say, I have 2 project under People directory structure –  1. DICE and 2. IM.

Under ----DICE I have two users – Vinod and Sapna and

Under -----IM two users – shamim and Shreepath

Now What I did is I right clicked on DICE. >  Set Access Permission > New > Named ACI as “Access Control” > Added user “Shamim” from IM(Coz I don’t want him to access DICE project) > Rights(I dint selected any—completely unticked) > Target (Target Directory EntryàSame entry (ou=DICE,ou=People,dc=csse,dc=edu,dc=com)

>  Host = 10.14.242.93 > time(Left unaltered)

 

The rule which was constructed :

 

(targetattr = "*") (target = "ldap:///ou=DICE,ou=People, dc=csse,dc=edu,dc=com") (version 3.0;acl "Acess rights for these users";deny (all)(userdn = "ldap:///uid=shamim,ou=IM,ou=People, dc=csse,dc=edu,dc=com") and (ip="10.14.242.93");)

 

 

Now It means that if it work fine…If I login as Shamim in 10.14.242.93 it should not be able to throw any output as I run:

$pwd

/home/shamim

$getent passwd Vinod

 

 

An I right??????if not then what is the correct way to implement this???