I’m trying to do a form of tiered administration whereby a certain OD group has write access to only certain OD computer lists and OD computers.
So far, I’ve created my own slapd_macosxserver_custom.conf and included it in /etc/openldap/slapd.conf
The entry I have tried is:
[code]access to dn.regex=”cn=*lab1*,cn=computers,dc=my,dc=full,dc=base”
by group=”cn=lab1admin,cn=groups,dc=my,dc=full,dc=base” write[/code]
Where lab1admin is the OD group I want to give access to any machine with lab1 in the name.
However when I log into workgroup manager as an OD user in the lab1admin group, i am unable to change any of the preferences of machines with lab1 in the name, I get a
“Error while saving record “computer name” Error: 14120
Any suggestions?