Hide Forgot
Description of problem: The following aci: (targetfilter = "(&(memberOf=cn=devel-group,cn=groups,SUFFIX))") (version 3.0;acl "group_manager allowed to update any member of devel group"; allow (all) groupdn = "ldap:///cn=group_manager,cn=groups,SUFFIX";) allows 'group_manager' to ADD/DEL/MODDN/SRCH all members of 'devel-group', but does not allow to access any attribute of those members. targetattr being missing, it means that NO attribute are targeted by this aci. I think we need to update https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/Managing_Access_Control-Creating_ACIs_Manually.html#Defining_Targets-Targeting_Attributes to inform that if 'targetattr' is missing, no attribute can be read/updated from the targeted entries.
I updated this a few days ago while working on a different BZ. See: https://bugzilla.redhat.com/show_bug.cgi?id=1261944#c1 *** This bug has been marked as a duplicate of bug 1261944 ***