Or maybe it's not so complicated and I don't know how. ;) This is what I'm trying to accomplish: Users who are a member of the group 'cn=support' can perform ALL operations on 'userPassword', except on targets which are a member of group 'cn=admins' or 'cn=bosses'. Is this possible? I can't figure out how. Thanks in advance! --BO -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20070330/279888de/attachment.html
