[Freeipa-devel] 389-DS ACI improvement to control MODDN
thierry bordaz
tbordaz at redhat.com
Tue Feb 25 15:04:39 UTC 2014
Hello,
Ticket https://fedorahosted.org/389/ticket/47553, is a 389-ds
enhancement to allow a finer access control during a MODDN (new
superior) operation. The use case being to allow/deny a bound user
to move an entry from one specified part of the DIT to an other part.
This without the need to grant the ADD permission.
I started a design of it
http://port389.org/wiki/Access_control_on_trees_specified_in_MODDN_operation.
Comments are welcomed.
regards
thierry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140225/0d3b90fa/attachment.htm>
More information about the Freeipa-devel
mailing list