Disallow writes on serverHostName and memberOf

serverHostName because this is tied to the FQDN so should only be changed
on a host rename (which we don't do).

memberOf because the plugin should do this. Directly manging this attribute
would be pretty dangerous and confusing.

Also remove a redundant aci granting the admins group write access to
users and groups. They have it with through the "admins can modify any
entry" aci.

tickets 300, 304

0 files changed, 0 insertions, 0 deletions