How do I create an openldap ACL to grant write access but not delete them?
Issue
There are situations where we need to delegate only write access to someone so they can create ldap entries, but they should not be allowed to delete it. The “write” access(to a subtree) in openldap ACL allows one to create and delete entries, How do I create an openldap ACL to grant write access but not delete them?
Environment
- Red Hat Enterprise Linux 5/6
- openldap-servers
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.