<p>How you applied this rule in DS? I mean on what objects you applied it. Full dn will be good. You should put this on container nearest to objects that this rule should apply. Maybe simple ldif of trying edit description will be helpfull, also ldif showing that user you used is in this group.</p>
<p>The best guide for me was red hat directory serve guide (there is chapter for ACIs with a lot of examples). You can find it on red hat docs.</p>
<p>Greg.</p>
<div class="gmail_quote">17 wrz 2012 13:58, "Josh Ellsworth" <<a href="mailto:jellsworth@primaticsfinancial.com">jellsworth@primaticsfinancial.com</a>> napisał(a):<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal">I am trying to grant a specific group the ability to edit one attribute. I have the following ACI in place with no success:<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">(targetattr ="description")(version 3.0;acl "evolvadmins description modify";allow(all) (groupdn = "ldap:///cn=evolvadmins,ou=Groups,dc=evolv,dc=com");)<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Any ideas what I need to do? Any good guides to troubleshooting and writing ACIs?<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Josh<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">--<u></u><u></u></p>
<p class="MsoNormal">Joshua Ellsworth<u></u><u></u></p>
<p class="MsoNormal">Senior Systems Administrator, Primatics Financial<u></u><u></u></p>
<p class="MsoNormal">Phone: <a href="tel:571.765.7528" value="+15717657528" target="_blank">571.765.7528</a><u></u><u></u></p>
<p class="MsoNormal"><a href="mailto:jellsworth@primaticsfinancial.com" target="_blank">jellsworth@primaticsfinancial.com</a><u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
<br>--<br>
389 users mailing list<br>
<a href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/389-users" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><br></blockquote></div>