Netscape DIRECTORY SERVER 6.1 - ADMINISTRATOR Administrator's Manual page 238

Access Control Usage Examples
It is also
information in the
connection to the directory. This is illustrated in the ACI "Write Subscribers"
example.
ACI "Write example.com"
NOTE
In LDIF, to grant
home telephone number and home address, you would write the following
statement:
aci: (targetattr="userPassword || homePhone || homePostalAddress")
(version 3.0; acl "Write example.com"; allow (write) userdn=
"ldap:///self" and dns="*.example.com";)
This example assumes that the ACI is added to the
ou=example-people,dc=example,dc=com
From the Console, you can set this permission by doing the following:
On the Directory tab, right click the
1.
tree, and choose Set Access Permissions from the pop-up menu to display the
Access Control Manager.
Click New to display the Access Control Editor.
2.
On the Users/Groups tab, in the ACI name field, type "
3.
the list of users granted access permission, do the following:
a.
b.
c.
d.
On the Rights tab, tick the checkbox for write right. Make sure the other
4.
checkboxes are clear.
238 Netscape Directory Server Administrator's Guide • August 2002
's policy to let their subscribers update their own personal
example.com
example.com
By setting this permission, you are also granting users the right to
delete attribute values.
example.com
Select and remove All Users, then click Add.
The Add Users and Groups dialog box is displayed.
Set the Search area to Special Rights, and select Self from the Search results
list.
Click the Add button to list Self in the list of users who are granted access
permission.
Click OK to dismiss the Add Users and Groups dialog box.
tree provided that they establish an SSL
employees the right to update their password,
entry.
example.com
node in the left navigation
Write example.com
". In