<?php
/*
Each ACL value has the format
"privileges#scope#trustee#attrname".
privileges: sum of the decimal values associated with the rights.
scope: either 'entry' or 'subtree'.
trustee: full trustee DN.
attrname: [Entry Rights], or [All Attributes Rights],
or a single attribute name.
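NOTE(review): BROWSE/ADD/DELETE/RENAME read as entry-level rights and
COMPARE/READ/WRITE/SELF as attribute-level rights, so the two headings
below may be swapped; verify against the eDirectory ACL documentation
before computing a privileges value.
[All Attributes Rights]
BROWSE = 1;
ADD = 2;
DELETE = 4;
RENAME = 8;
SUPERVISOR = 32;
[Entry Rights]
COMPARE = 1;
READ = 2;
WRITE = 4;
SELF = 8;
SUPERVISOR = 32;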
Example: 6#entry#cn=pjones,o=novell#[All Attributes Rights]
Example: 32#entry#cn=admin,o=novell#groupMembership
*/
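// Sample script: bind to the directory as an administrator and add one ACL
// value to the entry cn=pjones,ou=users,o=novell.
//
// The bind DN and password are hard-coded for illustration only. Outside a
// lab, read them from protected configuration instead of committing them to
// source, and prefer a dedicated account with only the rights this change
// needs over the tree administrator.
$server = 'localhost';
$admin  = 'cn=admin,o=novell';
$passwd = 'novell';

// NOTE(review): a bare host name gives a cleartext ldap:// session, so the
// simple bind below sends the admin password unencrypted. That is tolerable
// only because the server is assumed to be on this host; for a remote server
// use an ldaps:// URI or call ldap_start_tls() before ldap_bind().
$ds = ldap_connect($server); // assuming the LDAP server is on this host

if ($ds) {
    // bind with appropriate dn to give update access
    // NOTE(review): with common client libraries ldap_connect() only prepares
    // the handle, so an unreachable server usually surfaces here as a bind
    // failure rather than in the else branch below.
    $r = ldap_bind($ds, $admin, $passwd);

    if ($r) {
        echo "ldap_bind success\n";

        // prepare data: a single ACL value giving trustee cn=admin,o=novell
        // the privilege value 32 (listed as SUPERVISOR in the header comment)
        // with scope 'entry' on [All Attributes Rights]. This is a broad
        // grant; review the trustee and mask before reusing it.
        $info = array();
        $info["acl"] = "32#entry#cn=admin,o=novell#[All Attributes Rights]";

        // add data to directory
        $r = ldap_mod_add($ds, "cn=pjones,ou=users,o=novell", $info);
        if ($r) {
            echo "ldap_add success\n";
        } else {
            // Report the server's reason instead of failing silently.
            echo "ldap_mod_add failed: " . ldap_error($ds) . "\n";
        }
    } else {
        // Do not attempt the ACL change on a session that failed to
        // authenticate; report why the bind was rejected and stop.
        echo "ldap_bind failed: " . ldap_error($ds) . "\n";
    }

    ldap_close($ds);
} else {
    echo "Unable to connect to LDAP server";
}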
?>