Restricting Access to Key Roles; ACI "Roles" - Red Hat Directory Server 7.1 Administrator's Manual


b. In the attribute table, tick the checkboxes for the homePhone,
homePostalAddress, and mail attributes.
All other checkboxes should be clear. This task is made easier if you click
the Check None button to clear the checkboxes for all attributes in the table,
then click the Name header to organize them alphabetically, and select the
appropriate ones.
6. If you want users to authenticate using SSL, switch to manual editing by
clicking the Edit Manually button, and add authmethod=ssl to the LDIF
statement so that it reads as follows:
(targetattr="homePostalAddress || homePhone || mail")
(version 3.0; acl "Write Subscribers"; allow (write) (userdn=
"ldap:///self") and authmethod="ssl";)
7. Click OK.
The new ACI is added to the ones listed in the Access Control Manager
window.
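
One way to audit statements of this kind, as an added example that is not part of the manual: the Python below parses a single-target allow ACI and reports self-write rules that are not tied to authmethod="ssl" or that cover attributes outside an allowed list. The function names, the findings text and the WEAK sample are assumptions constructed for illustration; HARDENED is the statement shown above.

```python
import re

# Matches one-target "allow" ACIs of the shape shown above (keywords are case-insensitive).
ACI_RE = re.compile(
    r'\(\s*targetattr\s*=\s*"(?P<attrs>[^"]*)"\s*\)\s*'
    r'\(\s*version\s+3\.0\s*;\s*acl\s+"(?P<name>[^"]*)"\s*;\s*'
    r'allow\s*\((?P<rights>[^)]*)\)\s*(?P<bind>.*?)\s*;\s*\)\s*$',
    re.IGNORECASE | re.DOTALL)

def parse_aci(text):
    """Return name, target attributes, rights and bind rule, or None if the shape differs."""
    m = ACI_RE.match(" ".join(text.split()))  # undo LDIF-style line wrapping
    if m is None:
        return None
    return {"name": m["name"],
            "attrs": [a.strip().lower() for a in m["attrs"].split("||")],
            "rights": [r.strip().lower() for r in m["rights"].split(",")],
            "bind": m["bind"]}

def audit_self_write(text, allowed_attrs):
    """List findings for an ACI that lets users write to their own entry."""
    aci = parse_aci(text)
    if aci is None:
        return ["not parsed: review by hand"]
    is_self = re.search(r'userdn\s*=\s*"ldap:///self"', aci["bind"], re.I)
    if not is_self or not {"write", "all"} & set(aci["rights"]):
        return []
    findings = []
    extra = sorted(set(aci["attrs"]) - {a.lower() for a in allowed_attrs})
    if extra:
        findings.append("writable attributes outside allowed list: " + ", ".join(extra))
    # The authmethod clause only binds if nothing in the rule can route around it,
    # so any "or"/"not" keyword is treated conservatively as a finding.
    has_ssl = re.search(r'authmethod\s*=\s*"ssl"', aci["bind"], re.I)
    if not has_ssl or re.search(r'\b(or|not)\b', aci["bind"], re.I):
        findings.append('self-write not restricted to authmethod="ssl"')
    return findings

ALLOWED = ["homePostalAddress", "homePhone", "mail"]
# Constructed sample: no authmethod clause and a wildcard target.
WEAK = '(targetattr="*")(version 3.0; acl "Write Subscribers"; allow (write) (userdn="ldap:///self");)'
# The statement as given above, including its line wrapping.
HARDENED = '''(targetattr="homePostalAddress || homePhone || mail")
(version 3.0; acl "Write Subscribers"; allow (write) (userdn=
"ldap:///self") and authmethod="ssl";)'''

if __name__ == "__main__":
    for label, aci in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_self_write(aci, ALLOWED))
```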

Restricting Access to Key Roles

You can use role definitions in the directory to identify functions that are critical to
your business, the administration of your network and directory, or another
purpose.
For example, you might create a superAdmin role by identifying a subset of your
system administrators that are available at a particular time of day and day of the
week at corporate sites worldwide. Or you might want to create a First Aid role
that includes all members of staff on a particular site that have done first aid
training. For information on creating role definitions, refer to "Using Roles," on
page 170.
When a role gives any sort of privileged user rights over critical corporate or
business functions, you should consider restricting access to that role. For example,
at example.com, employees can add any role to their own entry except the
superAdmin role. This is illustrated in the ACI "Roles" example.

ACI "Roles"

In LDIF, to grant example.com employees the right to add any role to their own
entry except the superAdmin role, you would write the following statement:

Chapter 6: Managing Access Control (Access Control Usage Examples), page 249
