#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2004
    Posts
    2
    Rep Power
    0

    Access to certain branches


    How do I create bind users such that some bind users can have read/write access to one branch within the directory, and only read access to the rest of the directory?

    I know how to create some bind users who only have read access, and other bind users who have read/write access, but is there a way to limit certain areas of access for bind users?

    Thanks for your help!
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2004
    Posts
    2
    Rep Power
    0

    one long solution


    I've figured out that if you declare the same user twice, one with admin access and the other with reg user access within the same access control file, the user can have read access to one and write access to the other:

    set admin-user = {
    user = <o "PennState"><ou "Faculty"><cn "mrLion">
    subtree = <o "PennState"><ou "Faculty">
    };

    set reg-user = {
    user = <o "PennState"><ou "Faculty"><cn "mrLion">
    subtree = <o "PennState"><ou "Students">
    };


    This will allow the "mrLion" user to be able to modify the Faculty area of the DIT, but only ready access to the Students area. However, this is quite tedious, esp. with several users. I'm still trying to figure out if there is a way to deny modify access to admin users for some areas of the directory.

IMN logo majestic logo threadwatch logo seochat tools logo