Defining User Access - Userdn Keyword; Anonymous Access (Anyone Keyword); General Access (All Keyword) - Netscape DIRECTORY SERVER 6.2 - ADMINISTRATOR Administrator's Manual

Defining User Access - userdn Keyword

User access is defined using the
one or more valid distinguished names in the following format :
userdn = "ldap:///dn [|| ldap:///dn]...[||ldap:///dn]"
where can be a DN or one of the expressions
dn
userdn = "ldap:///anyone
userdn = "ldap:///all
"
userdn = ldap:///self
"
userdn = ldap:///parent
The keyword can also be expressed as an LDAP filter of the form:
userdn
ldap:///suffix??sub?(filter)
If a DN contains a comma, the comma must be preceded by a
NOTE
backslash (\) escape character.

Anonymous Access (anyone Keyword)

Granting anonymous access to the directory means that anyone can access it
without providing a bind DN or password, and regardless of the circumstances of
the bind. You can limit anonymous access to specific types of access (for example,
access for read or access for search) or to specific subtrees or individual entries
within the directory.
From the Server Console, you define anonymous access through the Access
Control Editor. See "Creating ACIs From the Console," on page 231.

General Access (all Keyword)

You can use bind rules to indicate that a permission applies to anyone who has
successfully bound to the directory; that is, all authenticated users. This allows
general access while preventing anonymous access.
From the Server Console, you define general access on the Access Control
Editor. For more information, see "Creating ACIs From the Console," on page 231.
keyword. The
userdn
" - defines anonymous access
" - defines general access
" - defines self access
" - defines access for the parent entry
keyword requires
userdn
, , , or
anyone all self
Chapter 6 Managing Access Control
Bind Rules
:
parent
215