Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010 Manual page 68

Hide thumbs Also See for ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010:

Manual (374 pages)

User manual (58 pages)

Manual (110 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

Table of Contents

The second condition group contains the following conditions:

1. The user's department must be Information Services and Technology (IS&T).

2. The request must come on a weekend.

With this rule, the engineers who match the first condition group have access to the resource

during the week, and the IS&T users who match the second condition group have access to the

resource on the weekend.

OR Conditions, AND groups: If the conditions are ORed, the user must meet at least one

condition in the condition group to match the profile. If the conditions groups are ANDed, the

user must meet at least one condition in each condition group to match the profile. For

example, suppose you create the following allow rule:

The first condition group contains the following conditions:

1. The user's department is Engineering.

2. The user's department is Sales.

The second condition group contains the following conditions:

1. The user has been assigned the Party Planning role.

2. The user has been assigned the Vice President role.

With this rule, the Vice Presidents of both the Engineering and Sales departments can access

the resource, and the users from the Engineering and Sales department who have been assigned

to the Party Planning role can access the resource.

At the top of each condition group, there is an option that allows you to control whether the user

must match the conditions to match the profile or whether the user matches the profile if the user

doesn't match any of the conditions. Depending upon your selection for the Condition structure, you

can select from the following:

If/If Not

Or/Or Not

And/And Not

Conditions also have similar Not options, so that a user can match a condition by not matching the

specified value.

Adding Multiple Conditions

To add another condition to a condition group, click New, then select a condition. To copy an

existing condition, click the Copy Condition icon

the condition group. Use the Move

Adding New Condition Groups

To add another condition group to the rule, click Append New Group. To copy the existing condition

group, click the Copy Group icon

Conditions section. Use the Move

Disabling or Moving Conditions and Condition Groups

Condition groups and conditions within them can be disabled by clicking the Enabled check mark

, which changes the icon to the Disabled icon

Novell Access Manager 3.1 SP2 Policy Guide

. New conditions are always added to the end of

buttons to order the conditions in the condition group.

. New condition groups are always added to the end to the

buttons to order the condition groups.

Table of Contents

Chapters

Table of Contents

Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010 Manual page 68

Chapters

Troubleshooting

Related Products for Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010

Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010 Manual page 68

Chapters

Troubleshooting

Related Manuals for Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010

Related Products for Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010

Table of Contents