[Samba] Set write permission for an user into a specific LDAP field...
gaio at sv.lnf.it
Wed Aug 26 09:29:17 UTC 2020
No one reply, so i try to clarify better.
> I need to have an AD user that need to *write* in an users LDAP field.
> The user case is a MFP (a set of MFP, indeed) that have RFID auth, and
> so need to 'register' the RFID cards ID.
The system works with direct LDAP access via some credential; if i
temporary put the credential of an administrator, the MFPs write
correctly in LDAP the ID of the card.
So, MFPs side, the system seems to work.
> Seems to me that i have to use dsacl/samba-tool acl ds, but i don't
> found a way to set the property for every user.
> EG, assign write permission to user 'mfp' to field 'pager' for every
> user, current and future ones.
Clearly, have MFPs to write in LDAP data with administrators power is
not a good policy; i'm looking if there's a way to set LDAP ACLs so a
particular user can write to a particular field (in this example,
'pager'), and only this, for all users.
> It is possible? Thanks.
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba