[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: User Administration

On Tue, Nov 02, 2004 at 03:05:55PM +0100, Andreas Schuldei wrote:
| On Tue, Nov 02, 2004 at 02:15:29PM +0100, Finn-Arne Johansen wrote:
| > > Why do they need a ldap-admin password. If they are member of admins or jr.
| > > admins group schouldn't that be sufficient?
| the admin is empowered by the acls in slapd.conf. you can empower
| others by giving them the same access rights as admin. i would
| not do that automatically because of robustness and danger
| reasons.
| <...>
| > or to extend the acl in /etc/ldap/slapd.conf.
| you can add individual users to slapd.conf, giving them jradmin
| or admin rights by granting them the required access rights. i
| would not do that automatically, though. otherwise it would be a
| solution to the problem, eventhough it works by granting
| individuals access, not whole groups. that is why i did not list
| it as a third option originally.

I've empowered an ldapuser in slapd.conf with admin rights. With an
ldapbrowser I can modify and create entries. If I take this user down the
webmin->wlus path I cannot do anything but give him/her self a new password
- if he/she can remeber his old. Is this a bug or a feature in wlus?

Runo Førrisdahl -
Infostream http://www.infostream.no/

Reply to: