Hi all,
We're running 389-Directory/1.3.9.0 B2018.304.1940.
Is it possible via ACIs to restrict read/search permission on attributes with a particular value?
My use case is that we have an "isMemberOf" attribute in our directory, and we have some group memberships that are of a sensitive nature. I would like to have all "isMemberOf" attribute values *except* for these sensitive ones readable/searchable to all authenticated user DNs, and the "sensitive" ones only readable/searchable by a particular user DN.
Any ideas? From reading the Red Hat directory server ACI documentation, I can't find a way to do this.
Thanks in advance,
--Gary
--
Gary Windham
Principal Enterprise Systems Architect
University Information Technology Services
The University of Arizona
Email: windhamg@xxxxxxxxxxx
Office: +1 520 626 5981
_______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
