I need to be able to add the ability to view your own record, and only your record, to my AD LDS instance. I know I can add everyone to the Readers (CN=Readers,CN=Roles) group but that will give all accounts read access to all attributes for all users. What I want is a way to give a user read access to their entry in AD LDS only and no access to the other entries in the directory. Is this possible and, if so, how would I go about setting this up?
Thank you in advance.
Jesse Santana - Assistant Director
CSU Long Beach – Network Services
1250 Bellflower Blvd.
Long Beach, CA 90840