locked
Subadminstration in a LDAP-directory RRS feed

  • Question

  • User1718580017 posted

    Hi @ all,

    I have a little problem. I have a LDAP-directory with about twenty diffrent OUs.

    The thing I want to have is a seperate administrator for each OU. So that admin one only can administrate OU one and admin two can only administrate OU two.

    I've read, that the permissions are set over ACLs. Is this right? And I think, a ACL-entry is represented as an attribute in the entry. Is this right, too? So do I have to add an aclEntry-attribute to my OU? Or what do I have to do? I've also read about the aclPropagate-attribute. I think I have to set this to true, so the administrator have access to all of the entries under his OU.

    So, can anybody help me?

    Thanks :)

    Wuuz

    Monday, September 8, 2014 1:55 AM

All replies

  • User-1454326058 posted

    Hi Wuuz,

    You may take a look at this article:

    # Permissions and ACLs

    http://dev.day.com/docs/en/cq/current/administering/security.html#Permissions and ACLs    

    Best Regards

    Starain Chen

    Wednesday, September 10, 2014 2:23 AM