Adding delegation of authority to the current LDAP structure?

To: debian-edu@lists.debian.org
Subject: Adding delegation of authority to the current LDAP structure?
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 05 Mar 2005 12:38:13 +0100
Message-id: <[🔎] E1D7Xbp-00002g-EF@saruman.uio.no>

Recently, on the norwegian user list, the wish for delegating access
to change passwords have been expressed.  As far as I know such
delegation need to be fixed in the LDAP database (slapd) with the
current design of the user database in Debian Edu.  The plan for a
long term solution for this problem is to start using Cerebrum, which
give us more control over the access rights and the possibility to
grant access to subgroups.

But Cerebrum isn't ready to go into Debian Edu yet, and it would be
nice if we could find some short term solution as well.  Is it
possible to adjust the current LDAP configuration to grant password
change access to a group of LDAP users?  I would like to grant such
access to all users in the teacher group.  I suspect this is
impossible without changing the structure of the LDAP tree, and we do
not want to do that as it would make the existing installations
incompatible.

Any suggestions or ideas?

Reply to:

Follow-Ups:
- Re: Adding delegation of authority to the current LDAP structure?
  - From: Trond Mæhlum <trond@mahlum.biz>
- Re: Adding delegation of authority to the current LDAP structure?
  - From: Maximilian Wilhelm <max@rfc2324.org>
- Re: Adding delegation of authority to the current LDAP structure?
  - From: andreas@schuldei.org (Andreas Schuldei)

Prev by Date: Re: Locales and OpenOffice.
Next by Date: Re: Locales and OpenOffice.
Previous by thread: emails para mala direta dividida por estados
Next by thread: Re: Adding delegation of authority to the current LDAP structure?
Index(es):
- Date
- Thread