How to check the effective rights of one account (over another) with ucs/openldap?
Thanks a lot,
meg
There really isn’t a fine-grained mechanism in place for permissions. Yes, there are several restrictions for the OpenLDAP in the form of LDAP ACLs (see /etc/ldap/slapd.conf), but regarding editing accounts all you can tell is whether or not someone’s a member of Domain Admins.
Hi Moritz,
thanks for the quick response.
I’ve thought about something like the -J in ldapsearch for 389 Server.