On Feb 15, 2011, at 14:45 , Simo Sorce wrote: > On Tue, 15 Feb 2011 14:09:07 -0500 > Peter Doherty <dohe...@hkl.hms.harvard.edu> wrote: > >> On Feb 15, 2011, at 14:02 , Rob Crittenden wrote: >> >>> Peter Doherty wrote: >>>> Hello, I'm running Fedora 14 and freeipa 1.2.2-6 >>>> >>>> >>>> Can I create a new cn/nsContainer (cn=subgroup,dc=example,dc=com) >>>> and then create an account that can edit that cn as much as they >>>> want, >>>> <snip> >>>> >>> >>> What would you put into this container? >>> >>> <snip> >>> >>> rob >> >> The first thing I'm looking to do with it is have a web server that >> has account information stored in LDAP, and to allow users to to >> ldap authentication. The users logging into the web server would be >> <snip> > > It is possible to do using LDAP tools and then setting an ACI on the > container to give the user you want full control on that container. > > Simo.
Simo, This gave me a good starting point, and after reading some more, I'm starting to wrap my brain around what I want to do and how to do it. LDAP has a steep learning curve, IMHO. Can you recommend any GUI tools for creating/modifying the ACI for the container? I started to try and create an ACI using the ones within FreeIPA as a reference, but if there's a GUI that would be useful too. I checked out Apache Directory Studio which looks nice, but doesn't seem to support the schema that FreeIPA is using. --Peter _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users