Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ACL : Allowing users to modify some of their attributes

1 view
Skip to first unread message

DW

unread,
Jan 30, 2004, 6:44:25 AM1/30/04
to
I'm trying to have all my users allowed to modify some of their attributes
without having to define an ACL for each user. (and of course, i don't want
user X to be allowed to modify user's Y attributes).
Which ACL do I need to add.
I've tried to use the [Self] Trustee with inheritance on the Root node, but
then all users are allowed to change the selected attribute for any user.

Thanks for your help

John Baird

unread,
Jan 30, 2004, 4:56:03 PM1/30/04
to

DW wrote:

What version of eDir? As I understand it, [Self] requires 8.7x. It should not
provide rights to other users.

John

David Gersic

unread,
Jan 30, 2004, 5:06:24 PM1/30/04
to
On Fri, 30 Jan 2004 11:44:25 GMT, "DW" <david_...@yahoo.fr> wrote:

>I'm trying to have all my users allowed to modify some of their attributes
>without having to define an ACL for each user. (and of course, i don't want
>user X to be allowed to modify user's Y attributes).
>Which ACL do I need to add.

What version of eDir are you using? If you have 8.7 or newer on all servers,
have a look at [This]. Works like [Self], but applies only for and only to the
currently logged in object.


---------------------------------------------------------------------------
David Gersic dgersic_@_niu.edu

I'm tired of receiving rubbish in my mailbox, so the E-mail address is
munged to foil the junkmail bots. Humans will figure it out on their own.

DW

unread,
Feb 2, 2004, 10:34:00 AM2/2/04
to
I've tried [This], but i get the error message -601 "ERR_NO_SUCH_ENTRY:
Object passed in could not be found.Either the object does not exist on the
replying server or the requester has insufficient rights to the object."
I only have a test server which is running eDir 8.7.

"David Gersic" <dgersic_@_niu.edu> wrote in message
news:401a7d84...@support-forums.novell.com...

DW

unread,
Feb 2, 2004, 10:39:21 AM2/2/04
to
I have eDir 8.7

I have the following structure
o=users
CN=user1
CN=user2
CN=...

and i Would like user1 and user2 to be able to modify their phone number
(for example)
so i've tried to set the following ACL

o=users <- Trustee [Self] Access : WI [Write+Inherit] Object [o=users]
Attribute [phone number]

user1 and user2 are allowed to modify their phone numbers, but they are also
able to modify the other user's phone number....

So....
i'm lost :(
at start; it seems a fairly simple thing to do...

"John Baird" <jo...@jrbsoftware.com> wrote in message
news:401AD4A2...@jrbsoftware.com...

0 new messages