Hello, I'm playing around with the ACIs right now and followed the example in the apache 1.0.1 docs (hope they still apply i'm on apacheds 1.5.0 now since i need the dynamic schema after figuring out the ACI stuff)
I'd like the following: cn=Manager,dc=example,dc=com can access everything in dc=example,dc=com (DONE) all posixAccount or inetOrgPerson objects in ou=people,dc=example,dc=com should be allowed to change the password of the "self" entry (sorry lacking better terms don't know if that's appropriate) but noone else (except for Manager of course) This is where I'm not sure how to tell apacheds that this self entry can access/change the password but noone else. And a few other restrictions like not changing the address or similiar stuff which i was able to figure out. The second thing is that LDAPStudio won't show a posixAccount or posixGroup objectClass, was it dropped in 1.5 or am I doing something wrong? I'll be happy to provide details but I'm not too proficient with ldap right now. thanks -- Martin Marcher [EMAIL PROTECTED] http://www.mycorners.com https://www.xing.com/profile/Martin_Marcher http://www.linkedin.com/in/martinmarcher http://www.studivz.net/profile.php?ids=9f83ea8c5996b8ec http://www.amazon.de/gp/registry/wishlist/3KDAGCL2NKOIM/ref=reg_hu-wl_goto-registry/302-4432803-5146435?ie=UTF8&sort=date-added
