Granting Rights To Add And Delete Group Entries - Red Hat DIRECTORY SERVER 8.0 - ADMINISTRATION Administration Manual


Chapter 6. Managing Access Control
d. Click OK to dismiss the Add Users and Groups dialog box.
4. In the Rights tab, click the Check All button.
All checkboxes are selected, except for proxy rights.
5. Click OK.
The new ACI is added to the ones listed in the Access Control Manager window.

6.9.5. Granting Rights to Add and Delete Group Entries

Some organizations want to allow employees to create entries in the tree if it can increase their
efficiency or if it can contribute to the corporate dynamics.
At example.com, there is an active social committee that is organized into various clubs, such as
tennis, swimming, and skiing. Any example.com employee can create a group entry representing a
new club. This is illustrated in Section 6.9.5.1, "ACI "Create Group"". Any example.com employee
can become a member of one of these groups. This is illustrated in Section 6.9.9.1, "ACI "Group
Members"" under Section 6.9.9, "Allowing Users to Add or Remove Themselves from a Group"". Only
the group owner can modify or delete a group entry. This is illustrated in Section 6.9.5.2, "ACI
"Delete Group"".
6.9.5.1. ACI "Create Group"
In LDIF, to grant example.com employees the right to create a group entry under the ou=Social
Committee branch, write the following statement:
aci: (target="ldap:///ou=social committee,dc=example,dc=com")
  (targattrfilters="add=objectClass:(objectClass=groupOfNames)")
  (version 3.0; acl "Create Group"; allow (add)
  (userdn= "ldap:///uid=*,ou=example-people,dc=example,dc=com")
  and dns="*.example.com";)
NOTE
This ACI does not grant write permission, which means that the entry creator cannot
modify the entry.
This example assumes that the ACI is added to the ou=social committee,dc=example,dc=com
entry.
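The statement above is made of target clauses, an ACL name, a permission and a bind rule. As an added example (not from the Red Hat manual), this Python sketch unfolds the LDIF and splits the ACI into those parts, rejecting a statement whose quotes or parentheses are unbalanced before it is loaded into the directory. The function names are hypothetical, the sample is constructed from the statement above, and only a single permission/bind-rule pair is handled.

```python
import re

# Constructed sample: the "Create Group" ACI as folded LDIF. A continuation
# line starts with one space, which LDIF unfolding removes.
CREATE_GROUP = '''aci: (target="ldap:///ou=social committee,dc=example,dc=com")
  (targattrfilters="add=objectClass:(objectClass=groupOfNames)")
  (version 3.0; acl "Create Group"; allow (add)
  (userdn= "ldap:///uid=*,ou=example-people,dc=example,dc=com")
  and dns="*.example.com";)'''

def unfold(ldif):
    """Join LDIF continuation lines and return the value of the aci attribute."""
    text = re.sub(r"\n ", "", ldif)
    return text.split(":", 1)[1].strip()

def parse_aci(value):
    """Split one ACI into targets, name, rights and bind rule (hypothetical
    helper, single permission/bind-rule pair). Raises ValueError if malformed."""
    depth, quoted = 0, False
    for ch in value:
        if ch == '"':
            quoted = not quoted
        elif not quoted:
            depth += (ch == "(") - (ch == ")")
            if depth < 0:
                raise ValueError("unexpected ')'")
    if quoted or depth:
        raise ValueError("unbalanced quotes or parentheses")
    head, sep, body = value.partition("(version 3.0;")
    m = re.match(r'\s*acl\s+"([^"]*)"\s*;\s*(allow|deny)\s*\(([^)]*)\)'
                 r'\s*(.*?)\s*;\s*\)\s*$', body, re.S)
    if not sep or not m:
        raise ValueError("missing or malformed (version 3.0; acl ...;) clause")
    # Target clauses such as target and targattrfilters precede the version clause.
    targets = dict(re.findall(r'\(\s*(\w+)\s*=\s*"([^"]*)"\s*\)', head))
    rights = {r.strip() for r in m.group(3).split(",")}
    return {"targets": targets, "name": m.group(1), "type": m.group(2),
            "rights": rights, "bind_rule": m.group(4)}

if __name__ == "__main__":
    for key, val in parse_aci(unfold(CREATE_GROUP)).items():
        print(f"{key}: {val}")
```

The parsed rights set contains only add, which matches the note above that the entry creator receives no write permission.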
From the Console, set this permission by doing the following:
1. In the Directory tab, right-click the Social Committee entry under the example.com node in
the left navigation tree, and choose Set Access Permissions from the pop-up menu to display
the Access Control Manager.
2. Click New to display the Access Control Editor.
3. In the Users/Groups tab, in the ACI name field, type Create Group. In the list of users granted
access permission, do the following:
