Okay, I know this is solvable just by reading the new OpenLDAP 2.4 documentation, but I think it would be easier to understand the whole new way of configuring OpenLDAP if someone could help and explain with samples how the new ACL stuff works.

I have followed the official guide (https://help.ubuntu.com/10.04/server...ap-server.html) meticulously and everything went really well with the installation.

My LDAP directory contains the following example objects:
Code:
dn: dc=example,dc=com
objectClass: organization

dn: cn=admin,dc=example,dc=com
objectClass: organizationalRole

dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit

dn: cn=admins,ou=groups,dc=example,dc=com
objectClass: posixGroup
memberUid: joe
memberUid: mike

dn: cn=users,ou=groups,dc=example,dc=com
objectClass: posixGroup
memberUid: joe
memberUid: mike
memberUid: jane
memberUid: kate

dn: uid=joe,ou=people,dc=example,dc=com
objectClass: inetOrgPerson

dn: uid=mike,ou=people,dc=example,dc=com
objectClass: inetOrgPerson

dn: uid=jane,ou=people,dc=example,dc=com
objectClass: inetOrgPerson

dn: uid=kate,ou=people,dc=example,dc=com
objectClass: inetOrgPerson

I would like to know how I could set LDAP administration rights so that all members of the "admins" group (Joe and Mike) could create, modify and remove other users and groups (and act like admins), so that after the initial setup they would not have to know the LDAP admin password.

If someone could post a sample of what kind of ldapmodify command I should use to achieve this access, I would be really grateful, and I firmly believe that others struggling with the same adjustment to the new config method would also appreciate it!

I'm seriously missing the slapd.conf file...