-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As shown here. This is a valid user I just created and set an IRF on. My
administrator can see all attributes, but my secondary administrator
(given rights the same way, except explicitly to this object) cannot:
# testIRFUser00, novell, org
dn: cn=testIRFUser00,o=novell,dc=org
uid: testIRFUser00
sn: testIRFUser00lname
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: Person
objectClass: ndsLoginProperties
objectClass: Top
This user shows up this way in all applications (when using the user who
does not have rights) including iMonitor because they are all
rights-based. (n)dsdump is also not confused as it is not rights-based
but it is also not generally available. Anyway, I would bet you have an
IRF on this user preventing tinkering. Find the user who has rights to it
(the one who created it should be a good start) and then destroy the
object that way.
Good luck.
Peter Kuo wrote:
> Edward van der Maas wrote:
>
>> (if you can actually do that
>> on a leaf object).
>
> Yes, you can have an IRF on a leaf object ...
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJK73PZAAoJEF+XTK08PnB51a0P/jGHEx1TWsRL0Fzcy8XEOPoH
w52MVoFWFepLlp9uaSQ0PopPP6wS/7XP6ljhW6voEbIJXGJpwXVDAuyNdFz0ORZm
x9ZKpFNsCz6i/SiwMVkEI3EsHZS60KhGb58X8hCcBqTBZgh0I1Pb9VYrX3xdX0X f
086jwd8tuGBLznYkXOTeTmtCCcBfkEF/4ZfUwMyYrq5eeckFemStAMLrKn6L8TB/
ea+97Vi4mOxWay8HscgYVXWhgmK74AUlErXjSjEDqoAahRufCU fNrnryQuRhaVS6
Gbq/vUDvm5GoukUMWy5lWjvulaRDPMjj29yeElHx/jZijD1OhDJRKD40OVjIA9n5
MN8hKGrQtOwg22hSX/4h/n94IHsftIzO4iaRE1RqJEjtWjmTM3Vl+riqFxdDJ1Up
mNcA7+Birf9neT9N/N7xwu+Q/LLNQQvPR0R8Hrtxp11/wmLXel6jgLakGEDG1n+w
WNKl/KU+CkkA/dvabMo51PYDauORkapDdhiKXAF4rYHUIqbZXr3d+C9RwVVl8Tc k
3isqwP7Xk/HhWfia9D1LoX6wbNI9CcYxlfK/mloDSjzwEVXGSJu6vsaIf7aaoGdQ
xSiFr7Di9XZA52/AVOzX1jkU7bYoWfPURCPi2orG9hOP88lO98+00mRWBhB9YbUF
U4Ui85RDzPhm7+stiCgt
=HEpb
-----END PGP SIGNATURE-----
Re: Problem on a User Object
Threaded Mode
