Granting Self-Administration Rights to eGuide Users
Novell Cool Solutions: Trench
By Hamish Speirs
Reader Rating 
from 4 ratings
|
Digg This -
Slashdot This
Posted: 24 Mar 2003 |
The Problem:
NetWare 6, eGuide 2.1, eDirectory 8.6.2.
Our common population of users can not modify attributes in eGuide, they get the
message "One or more attributes failed to update".
However, users with admin rights have no problem making these changes. How do I grant everyone self-administration rights?
The Solution:
If you have a pure eDirectory 8.7 tree you can do it using the "self
administration" role - check the documentation for instructions.
Otherwise you have to give each of the individual users rights to the specific attributes you want them to be able to edit. I did this using an LDIF file that was imported with ICE - in so doing, I was able to update 4,000 users in a couple of minutes.
Here's the format for the LDIF file:
version: 1 dn: cn=aaaatest,ou=HOME,o=SOMEORG changetype: modify add: ACL ACL: 7#entry#cn=aaaatest,ou=HOME,o=SOMEORG#mail ACL: 7#entry#cn=aaaatest,ou=HOME,o=SOMEORG#telephoneNumber ACL: 7#entry#cn=aaaatest,ou=HOME,o=SOMEORG#title ACL: 7#entry#cn=aaaatest,ou=HOME,o=SOMEORG#ou dn: cn=auser,ou=HQ,ou=HOME,o=SOMEORG changetype: modify add: ACL ACL: 7#entry#cn=auser,ou=HQ,ou=HOME,o=SOMEORG#mail ACL: 7#entry#cn=auser,ou=HQ,ou=HOME,o=SOMEORG#telephoneNumber ACL: 7#entry#cn=auser,ou=HQ,ou=HOME,o=SOMEORG#title ACL: 7#entry#cn=auser,ou=HQ,ou=HOME,o=SOMEORG#ou
You can e-mail Hamish with questions about his procedure at hamish@TAKETHISOUTspeirs.mine.nu
Reader Comments
- Why not use the new [This] ACL that came eDir 8.6.2. Just go to the OU and grant the [This] trustee rights to the attributes you want a user to be able to modify, and users in that OU will be able to modify those attributes only on their own object. One ACL assignment is a lot better than 4,000!!
- The "[THIS]" attribute will work in a pure eDir tree, but not in a mixed tree where you need the attribute based approach. From the iManager documentation: "WARNING: User self-management will work only on eDirectory versions 8.6 and later. We recommend that you upgrade to version 8.7 before setting up user self-management. Modifying the eMFrame.cfg file as described in this section will cause serious problems if you are not running eDirectory 8.6 or later on every server in your eDirectory tree."
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com