-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As I recall, there was a problem with OpenLDAP that consisted of the fact that one couldn't specify access to the server itself through an ACL without using dn syntax. The old posixGroup did not use dn syntax. There was a new standard produced but last I new it had not yet been incorporated into the schema's. Anyway, the impact on Samba was that unless you were really good with OpenLDAP and knew how to incorporate the new posixGroup schema, you were stuck with using redundant groupOfNames objects to provide Samba users with the ability to change records. So is this fixed? Wanted: Easy step by step guide for creating a simple schema. Perhaps an address book record or something. Jim C. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCi3lQB4AhF6wVFMERAvgiAKCyoI8bxPSkmblZyMorkXLphXP0xACgiwYr 9Newqupl7Ejdt+5SrZ2iXS4=919Z -----END PGP SIGNATURE-----