We are using the SeeAlso attribute to store who is responsible for specific accounts.
We do not wish to use the Manager field, because the Manager/Direct Report structure is reflected in org charts in many applications we use.
So we implemented the SeeAlso attribute to store the DN of the "Account Owner"
The only bit we are missing is to grant permissions to edit a user when the initiatior DN is present in the SeeAlso attribute.
This way, if my DN is present in the SeeAlso attribute for a user, I have rights to, for example, extende the expiration date of an account.
Is that possible?