I am in the process of migrating ACLs from OpenLDAP to ACIs in FDS. I'm
having trouble figuring out how to best convert from
"group/organizationalRole/roleOccupant" bind rules to a comparable
method in the Fedora Directory Server.
Do I need to move the roleOccupant entries to uniquemember entries
(which would require objectClass changes as well) then use a groupDN
bind rule? I would rather not change the data.
Is it possible to have the groupDN bind rule use an attribute other than
uniquemember?
Any help/thoughts would be appreciated.
Show replies by thread