[Samba] samba4 AD, allow users to modify (some of) their own attributesHi
Davor Vusir
davortvusir at gmail.com
Wed Apr 9 11:08:02 MDT 2014
On 2014-04-09 17:26, mourik jan heupink - merit wrote:
> Hi Davor, list,
>
>> Start ADUC and create a group 'Selfie-PropEdit' and add select
>> useraccounts and groups.
>>
>> Right-click the container where the useraccounts are situated and start
>> the 'Delegate Control...'-wizard. Click Next.
>> Add the group 'Selfie-PropEdit' and click Next.
>> Choose 'Create a custom task to delegate' and click Next.
>> Choose 'Only the following objects in the folder', scroll down and mark
>> 'User objects'. Click Next.
>> Mark 'Property-specific' and choose appropriate properties from the
>> 'Permissions'-list and click Next.
>> Click Finish.
>
> This is quite a cool recipe, thanks :-)
>
> One question: doesn't the above mean Selfie-PropEdit-users can edit
> those attributes for ALL users? I would like them ONLY to be able to
> edit their own details..?
>
You're welcome.
All users can edit all delegated userproperties. Unfortunately.
/Davor
> Thanks!
More information about the samba
mailing list