[email protected] wrote: > This is in fact what I was looking for; whether OpenLDAP supports this > per-operation Proxy Authz Control.
So you can try yourself. The rootdn can always do this.
The help of ldapsearch tool says:
-e [!]<ext>[=<extparam>] general extensions (! indicates criticality)
[..]
[!]authzid=<authzid> (RFC 4370; "dn:<dn>" or "u:<user>")
Ciao, Michael.
