Ticket https://fedorahosted.org/389/ticket/47553, is a 389-ds
enhancement to allow a finer access control during a MODDN (new
superior) operation. The use case being to allow/deny a bound user
to move an entry from one specified part of the DIT to an other part.
This without the need to grant the ADD permission.
I started a design of it
Comments are welcomed.
Freeipa-devel mailing list