All,

I am new to LDAP and would like to ask a very basic question. My apologies if this subject had already been discussed, but I cannot seem to find a good answer yet.

What is the best way to allow write access to LDAP, based on *nix user accounts? In other words, I would like user 'root' or 'abc' to be able to manipulate entries without needing the LDAP password. Is this possible? If it is, what is the most secure way?

Thanks!


PS: The user will have an account on the LDAP server machine