Checking Access Rights on Entries (Get Effective Rights)

How to check the effective rights of one account (over another) with ucs/openldap?

Thanks a lot,

There really isn’t a fine-grained mechanism in place for permissions. Yes, there are several restrictions for the OpenLDAP in the form of LDAP ACLs (see /etc/ldap/slapd.conf), but regarding editing accounts all you can tell is whether or not someone’s a member of Domain Admins.

Hi Moritz,

thanks for the quick response.
I’ve thought about something like the -J in ldapsearch for 389 Server.