description: Mythical manager of the rsdd unix project
drink: water
homephone: +1 313 555 2333
+homephone: +1 313 555 5444
pager: +1 313 555 3233
facsimiletelephonenumber: +1 313 555 2274
telephonenumber: +1 313 555 9022
by dn="^cn=Bjorn Jensen,ou=Information Technology Division,ou=People,o=University of Michigan,c=US$" +rw stop
by * break
+access to dn.children="ou=Information Technology Division,ou=People,o=University of Michigan,c=US"
+ by group.exact="cn=ITD Staff,ou=Groups,o=University of Michigan,c=US" write
+ by * read
+
access to filter="(name=X*Y*Z)"
by * continue
$LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT \
-D "$BABSDN" -w bjensen "objectclass=*" >> $SEARCHOUT 2>&1
+#
+# Check group access. Try to modify Babs' entry. Two attempts:
+# 1) bound as "James A Jones 1" - should fail
+# 2) bound as "Bjorn Jensen" - should succeed
+
+$LDAPMODIFY -D "$JAJDN" -h $LOCALHOST -p $PORT -w jaj >> \
+ $TESTOUT 2>&1 << EOMODS5
+dn: $BABSDN
+changetype: modify
+replace: drink
+drink: wine
+
+EOMODS5
+
+
+$LDAPMODIFY -D "$BJORNSDN" -h $LOCALHOST -p $PORT -w bjorn >> \
+ $TESTOUT 2>&1 << EOMODS6
+dn: $BABSDN
+changetype: modify
+add: homephone
+homephone: +1 313 555 5444
+
+EOMODS6
#
# Try to add a "member" attribute to the "All Staff" group. It should
projects / openldap / commitdiff