Table of Contents
Advertisement
userattr = "ldap:///dc=example,dc=com?owner#GROUPDN"
In this example, the group entry is under the
server can process this type of syntax more quickly than the previous example.
(By default,
is not an allowed entry in a user's entry. You would have to
owner
extend your schema to allow this attribute in a
Example With ROLEDN Bind Type
The following is an example of the
based on a role DN:
userattr = "exampleEmployeeReportsTo#ROLEDN"
The bind rule is evaluated to be true if the bind DN belongs to the role specified in
the
exampleEmployeeReportsTo
you create a nested role for all managers in your company, you can use this
mechanism to grant managers at all levels access to information about employees
that are at a lower grade than themselves.
NOTE
This example assumes that you have added the
exampleEmployeeReportsTo
employee entries contain this attribute. It also assumes that the
value of this attribute is the DN of a role entry.
For information on designing your schema, refer to Netscape
Directory Server Deployment Guide. For information on adding
attributes to the schema, see "Creating Attributes," on page 331.
The DN of the role can be under any suffix in the database. If, in addition, you are
using filtered roles, the evaluation of this type of ACI uses a lot of resources on the
server.
If you are using a static role definition, and the role entry is under the same suffix
as the targeted entry, you can use the following expression:
userattr = "ldap:///dc=example,dc=com?employeeReportsTo#ROLEDN"
In this example, the role entry is under the
can process this type of syntax more quickly than the previous example.
Example With LDAPURL Bind Type
The following is an example of the
based on an LDAP filter:
userattr = "myfilter#LDAPURL"
dc=example,dc=com
person
keyword associated with a bind
userattr
attribute of the targeted entry. For example, if
attribute to the schema, and that all
dc=example,dc=com
keyword associated with a bind
userattr
Chapter 6
Bind Rules
suffix. The
object.)
suffix. The server
Managing Access Control
213
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
Related Products for Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.0
- Netscape NETSCAPE DIRECTORY SERVER 6.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - GATEWAY CUSTOMIZATION
- Netscape ENTERPRISE SERVER 6.0
Need help?
Do you have a question about the NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR and is the answer not in the manual?
Questions and answers