From 1ad057cc317d63335b75e73d7924baf6e52c68dc Mon Sep 17 00:00:00 2001
From: Buchan Milne <buchan@mageia.org>
Date: Sun, 20 Feb 2011 14:49:26 +0000
Subject: Give group owner access (read - including search - and write) to
 owner attribute

---
 modules/openldap/templates/mandriva-dit-access.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/openldap')

diff --git a/modules/openldap/templates/mandriva-dit-access.conf b/modules/openldap/templates/mandriva-dit-access.conf
index acf22a75..68a2c7f8 100644
--- a/modules/openldap/templates/mandriva-dit-access.conf
+++ b/modules/openldap/templates/mandriva-dit-access.conf
@@ -81,7 +81,7 @@ access to dn.subtree="<%= dc_suffix %>"
 
 # group owner can add/remove/edit members to groups
 access to dn.regex="^cn=[^,]+,ou=(System Groups|Group),<%= dc_suffix %>$"
-	attrs=member
+	attrs=member,owner
 	by dnattr=owner write
 	by group.exact="cn=Account Admins,ou=System Groups,<%= dc_suffix %>" write
 	by users +scrx
-- 
cgit v1.2.1