certServer.usrgrp.administration
Allow or deny a read or modify operation to the user and group configuration.
Operations
read
Viewing users, groups, and user's certificates. Finding users and
groups.
modify
Adding, modifying and deleting groups, and users. Add and
modify a user certificate attribute.
Default ACIs
allow (read) group="Administrators" || group="Auditors" ||
group="Certificate Manager Agents" || group="Registration Manager
Agents" || group="Data Recovery Manager Agents" || group="Online
Certificate Status Manager Agents"
allow (modify) group="Administrators"
Administrators, auditors, and agents are allowed to read user and group
configuration; only administrators are allowed to modify user and group
configuration.
ACL Reference
Chapter 8
Authorization
379