How you applied this rule in DS? I mean on what objects you applied it. Full dn will be good. You should put this on container nearest to objects that this rule should apply. Maybe simple ldif of trying edit description will be helpfull, also ldif showing that user you used is in this group.
The best guide for me was red hat directory serve guide (there is chapter for ACIs with a lot of examples). You can find it on red hat docs.
Greg.
I am trying to grant a specific group the ability to edit one attribute. I have the following ACI in place with no success:
(targetattr ="description")(version 3.0;acl "evolvadmins description modify";allow(all) (groupdn = "ldap:///cn=evolvadmins,ou=Groups,dc=evolv,dc=com");)
Any ideas what I need to do? Any good guides to troubleshooting and writing ACIs?
Josh
--
Joshua Ellsworth
Senior Systems Administrator, Primatics Financial
Phone: 571.765.7528
jellsworth@xxxxxxxxxxxxxxxxxxxxxx
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
