On 28 Aug 2010, at 21:03, Kilian Röhner wrote: > Hi, > > when i'm trying to modify an attribute of an entry, i am not allow to > modify, the update method gives me of course an "Insufficent Access Error". > > I want to prevent that, so my question is: How can i check _before_ > doing the modify, if i am allowed to do it? > > Or an other way: Is there a possibility, that the search method returns > only those attributes, i am allowed to modify?
Check if your server vendor has implemented the X.500 "modifyRightsRequest" feature in LDAP (eg as an LDAP control), as that does exactly what you want. Cheers, Chris
