Table of Contents
Advertisement
Access Control Usage Examples
At
example.com
organized into various clubs: tennis, swimming, skiing, role-playing, etc. Any
example.com
is illustrated in the ACI "Create Group" example. Any
become a member of one of these groups. This is illustrated in ACI "Group
Members" under "Allowing Users to Add or Remove Themselves From a Group,"
on page 253. Only the group owner can modify or delete a group entry. This is
illustrated in the ACI "Delete Group" example.
ACI "Create Group"
In LDIF, to grant
under the
statement:
aci: (target="ldap:///ou=social committee,dc=example,dc=com)
(targattrfilters="add=objectClass:(objectClass=groupOfNames)")
(version 3.0; acl "Create Group"; allow (add)
(userdn= "ldap:///uid=*,ou=example-people,dc=example,dc=com") and
dns="*.example.com";)
NOTE
This example assumes that the ACI is added to the
dc=example,dc=com
From the Console, you can set this permission by doing the following:
In the Directory tab, right click the Social Committee entry under the
1.
example.com
Permissions from the pop-up menu to display the Access Control Manager.
Click New to display the Access Control Editor.
2.
In the Users/Groups tab, in the ACI name field, type "Create Group". In the list
3.
of users granted access permission, do the following:
a.
b.
c.
246
Netscape Directory Server Administrator's Guide • December 2003
for example, there is an active social committee that is
employee can create a group entry representing a new club. This
example.com
ou=Social Committee
This ACI does not grant write permission, which means that the
entry creator cannot modify the entry.
entry.
node in the left navigation tree, and choose Set Access
Select and remove All Users, then click Add.
The Add Users and Groups dialog box is displayed.
Set the Search area to Special Rights, and select All Authenticated Users
from the Search results list.
Click the Add button to list All Authenticated Users in the list of users who
are granted access permission.
employees the right to create a group entry
branch, you would write the following
ou=social committee,
employee can
example.com
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - ADMINISTRATOR
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.1 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.2 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 6.0
- Netscape NETSCAPE DIRECTORY SERVER 6.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.01 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 6.02 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - DEPLOYMENT
- Netscape NETSCAPE DIRECTORY SERVER 7.0 - GATEWAY CUSTOMIZATION
- Netscape ENTERPRISE SERVER 6.0
Need help?
Do you have a question about the NETSCAPE DIRECTORY SERVER 6.2 - ADMINISTRATOR and is the answer not in the manual?