Listbox wrote: > Hi folks, > I'm really stumped by this "Insufficient 'add' privilege" problem. > I can create all the "Administrators" I want for the netscaperoot directory, > but none of those users can: > > A) Create new users for my hymesruzicka directory > B) Create a new "Directory Administrator" for my hymesruzicka directory > C) Grant "'add' privilege" to my existing "Configuration Administrator" > my hymesruzicka directory > D) Add a user from the netscaperoot users to my hymesruzicka directory > "Directory Administrator" group > E) Modify or add the existing ACLs for my hymesruzicka directory > > Is there a way to create a new "Directory Administrator" and other users? Yes, by adding the appropriate ACIs. How was the data for your default suffix added? The way it works is that setup adds some ACIs to the default suffix you specify during setup to allow the console admin user to have access. If you import your data from another source these ACIs will not be created. You can just do a test install to see exactly what acis are created e.g. ldapsearch -x -D "cn=directory manager" -w yourpassword -b o=netscaperoot "aci=*" aci and ldapsearch -x -D "cn=directory manager" -w yourpassword -b "dc=yourdomain,dc=com" "aci=*" aci > If > not, and we have to wipe and re-install from scratch, what must we do to > ensure that we can create users and administrators for our directory? > > > Thanks! > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20080122/1fecd01f/attachment.bin
