Hello folks,

I have a quick query. I'm using OpenLDAP with ppolicy. I'm using the following
ACL just to test things right, and I came across an issue for which I'm
unable to find appropriate answers:

ACL used:

---
access to * by * manage
---

1. How to restrict ldappasswd command to clear the pwdReset flag to user's
entry?
2. Can some other users (members of a group) work as rootdn (bypass ppolicy
like rootdn, but it should apply to their account itself)?
3. The other question is about ACLs: what's the difference between ACL
"write" and "manage" access?

write     =wrscdx     needed to modify/rename
manage    =mwrscdx    needed to manage

I'm not able to determine what access "manage" gives over and above "write"
access.
I didn't find much info in the openldap.org access-control section.


Thank you.

Regards,
