[EMAIL PROTECTED] wrote:
Hi,
Having solved my previous problem (Authenticated users can create new entries
but then only creator can modify entry) which resembles setting up a sticky bit
on a file system directory, I am facing a new one:
How to limit the number of entries an authenticated user can add to a subtree
where he has write access.
Think of it as limiting the number of entries on a user's addressbook to
prevent denial of service by a user submitting a huge amount of addressbook
entries or bookmark entries for an bookmark manager based on openldap.
Is there a way for openldap to count the number of entries a user has added
before deciding whether to grant or deny write access to that user but always
allow him to modify/delte existing entries.
Nope, but there is a setting for how many entries are returned and/or
time taken. Your bookmark app could set a limit for writes also. See man
slapd.conf for "limits".
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E [EMAIL PROTECTED]
Community developed LDAP software.
http://www.openldap.org/project/