Using an eDirectory Tree for Access Control
Figure 2-13
eDirectory Tree
o=Novell
ou=Sales
ou=HR
Users
Users
Such a tree organization can be used to control access to resources. The following instructions
explain how to create a Role policy for the users created under the Sales container.
1 In the Administration Console, click Policies > Policies.
2 Select the policy container, then click New.
3 Specify a name for the Role policy, select Identity Server: Roles for the type, then click OK.
4 In Condition Group 1, click New, and select LDAP OU > [Identity Server Configuration] >
[User Store] > [DN of the OU].
ou=Dev
Users
Creating Role Policies
57