Ticket 47653 - Need a way to allow users to create entries assigned to themselves
Bug Description: There are cases where users need to be able to create, edit and delete
their own entries. Using an ACI with the "userattr" keyword does not
work with ADD operations(to prevent a security hole). This prevents IPA's
OTP plugin from performing some necessary operations.
Fix Description: Added a new config attribute "nsslapd-access-userattr-strict". The default
is "on" or strict. For the IPA case, it would need to be set to "off" in
order to allow the desired behavior.
https://fedorahosted.org/389/ticket/47653
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit a9cd4e78f1fd1af5de06aca46c8c10ed70bbe4e1)