Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual page 232

3 Click the category you want to edit.
All Trusted Providers: Policies that are defined by the service provider's ability to query and
modify the particular Liberty attributes or groups of attributes for the Web service. When All
Trusted Providers permissions are established, and a service provider needs data, the system
first looks here to determine whether user data is allowed, never allowed, or must be asked for.
If no solution is found in All Trusted Providers, the system examines the permissions
established within the specific service provider.
Owners: Policies that limit the end user's ability to modify or query data from his or her own
profile. The settings you specify in the Owner group are reflected on the My Profile page in the
User Portal. Portal users have the authority to modify the data items in their profiles. The data
items include Liberty and LDAP attributes for personal identity, employment, and any
customized attributes defined in the Identity Server configuration. Any settings you specify in
the Administration Console override what is displayed in the User Portal. Overrides are
displayed in the Inherited column.
If you want the user to have Write permission for a given data item, and that data item is used
in an LDAP Attribute Map, then you must configure the LDAP Attribute Map with Write
permission.
4 On the All Service Policy page, select the policy's check box, then click Edit Policy.
This lets you modify the parent service policy attribute. Any selections you specify on this page
are inherited by child policies.
Query Policy: Allows the service provider to query for the data on a particular attribute. This
is similar to read access to a particular piece of data.
232 Novell Access Manager 3.1 SP1 Identity Server Guide