>>> Tayyab Saeed <tayyab.sa...@nds.com.pk> schrieb am 04.09.2020 um 21:19 in Nachricht <720f2f84-964c-bd1a-994b-6d61632a6...@nds.com.pk>: > Dear Quanah, > > Thanks a lot for your quick response. > > Could you please guide me how can i grant administrative access via ACLs.
Here we usa a phrase " by group/organizationalRole/roleOccupant.exact="cn=LDAP-Manager,dc=bla,dc=bla" write" and And the LDAP-Manager looks like this: dn: cn=LDAP-Manager,... objectClass: organizationalRole cn: LDAP-Manager roleOccupant: uid=user1,ou=bla,dc=bla roleOccupant: uid=user2,ou=bla,dc=bla You should get the idea. Regards, Ulrich > > Thanks, > > Tayyab Saeed > > On 9/4/2020 6:41 PM, Quanah Gibson-Mount wrote: >> >> >> --On Friday, September 4, 2020 5:00 PM +0500 Tayyab Saeed >> <tayyab.sa...@nds.com.pk> wrote: >> >>> Dear LDAP guys / Quanah, >>> >>> I want to create another LDAP administrative account with same or >>> limited >>> privileges. >>> >>> Kindly guide me or share any link which help to achieve the above goal. >> >> Create an ldap group that contains the DNs of the users who should >> have administrative access as members, and then give that ldap group >> the administrative access via acls. I'd suggest using groupOfNames as >> the objectClass for the ldap group. >> >> Regards, >> Quanah >> >> >> -- >> >> Quanah Gibson-Mount >> Product Architect >> Symas Corporation >> Packaged, certified, and supported LDAP solutions powered by OpenLDAP: >> <http://www.symas.com> >>
