Table of Contents
Advertisement
Access Control Usage Examples
At
example.com
into various clubs: tennis, swimming, skiing, role-playing, etc. Any
employee can create a group entry representing a new club. This is illustrated in
the ACI "Create Group" example. Any
member of one of these groups. This is illustrated in ACI "Group Members" under
"Allowing Users to Add or Remove Themselves From a Group," on page 251. Only
the group owner can modify or delete a group entry. This is illustrated in the ACI
"Delete Group" example.
ACI "Create Group"
In LDIF, to grant
the
ou=Social Committee
aci: (target="ldap:///ou=social committee,dc=example,dc=com)
(targattrfilters="add=objectClass:(objectClass=groupOfNames)")
(version 3.0; acl "Create Group"; allow (add)
(userdn= "ldap:///uid=*,ou=example-people,dc=example,dc=com") and
dns="*.example.com";)
NOTE
This example assumes that the ACI is added to the
dc=example,dc=com
From the Console, you can set this permission by doing the following:
On the Directory tab, right click the Social Committee entry under the
1.
example.com
Permissions from the pop-up menu to display the Access Control Manager.
Click New to display the Access Control Editor.
2.
On the Users/Groups tab, in the ACI name field, type "Create Group". In the
3.
list of users granted access permission, do the following:
a.
b.
c.
244
Netscape Directory Server Administrator's Guide • August 2002
for example, there is an active social committee that is organized
example.com
branch, you would write the following statement:
This ACI does not grant write permission, which means that the
entry creator cannot modify the entry.
entry.
node in the left navigation tree, and choose Set Access
Select and remove All Users, then click Add.
The Add Users and Groups dialog box is displayed.
Set the Search area to Special Rights, and select All Authenticated Users
from the Search results list.
Click the Add button to list All Authenticated Users in the list of users who
are granted access permission.
example.com
employees the right to create a group entry under
ou=social committee,
example.com
employee can become a
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
Related Products for Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.0
- Netscape NETSCAPE DIRECTORY SERVER 6.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - GATEWAY CUSTOMIZATION
- Netscape ENTERPRISE SERVER 6.0