a question: we have a requirement where only users that have a role are
able to see role membership. so if i have role A, i can see the
membership for role A (search on nsRole=<roleA>) but cannot necessarily
see role B members, etc. the same restriction applies when pulling the
nsRole attribute.
is there any way (via aci) to support this? i've implemented a plugin
(actually 2 - a computed attribute and preop) that supports this but
wanted to make sure that i wasn't missing something in aci setup that
would accomplish the same thing.
Thanks,
Gary
Show replies by date