Re: User Administration
On Tue, Nov 02, 2004 at 03:05:55PM +0100, Andreas Schuldei wrote:
|
| On Tue, Nov 02, 2004 at 02:15:29PM +0100, Finn-Arne Johansen wrote:
| > > Why do they need a ldap-admin password. If they are member of admins or jr.
| > > admins group schouldn't that be sufficient?
|
| the admin is empowered by the acls in slapd.conf. you can empower
| others by giving them the same access rights as admin. i would
| not do that automatically because of robustness and danger
| reasons.
|
| <...>
|
| > or to extend the acl in /etc/ldap/slapd.conf.
|
| you can add individual users to slapd.conf, giving them jradmin
| or admin rights by granting them the required access rights. i
| would not do that automatically, though. otherwise it would be a
| solution to the problem, eventhough it works by granting
| individuals access, not whole groups. that is why i did not list
| it as a third option originally.
|
I've empowered an ldapuser in slapd.conf with admin rights. With an
ldapbrowser I can modify and create entries. If I take this user down the
webmin->wlus path I cannot do anything but give him/her self a new password
- if he/she can remeber his old. Is this a bug or a feature in wlus?
--
Runo Førrisdahl -
Infostream http://www.infostream.no/
Reply to: