|
|
|
The group update is performed with the credentials of the binding user. The DSA triggers the memberOf update and therefore bypasses access controls and also schema checking.
If a separate DSA services the user subtree, the DSA handling the group update requires the 'trust-dsa-triggered-operations' trust flag.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |