ACI “Group Members” (Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide)

Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide

In LDIF, to grant Example.com employees the right to add themselves to a group, you would write the following statement:

aci: (targettattr="member")(version 3.0; acl "Group Members";
 allow (selfwrite)
 (userdn= "ldap:///uid=*,ou=People,dc=example,dc=com") ;)

This example assumes that the ACI is added to the ou=Social Committee, dc=example,dc=com entry.