Supervising the Network
2-6
Setting Up and Managing NetWare Directory Services Objects
Rights Needed to Create and Manage Objects
Property Rights
Object rights do not allow trustees to see the information stored in the
object’s properties. Property rights are required to read the information in an
object’s properties. Property rights control access to each property of an
object.
For example, if you include a private telephone number as a property for a
User object, you can use property rights to prevent others from seeing that
telephone number. At the same time, you can use property rights to allow
other properties, such as Address or Fax Number, to be viewed.
Table 2-2 lists and describes property rights that you can assign to a trustee.
See the following references for more detailed information.
Table 2-2 Property Rights
Right Description
Supervisor Gives all rights to the property. You can block the
Supervisor property right with an Inherited Rights Filter.
Compare Allows the trustee to compare any value with an existing
value of the property. The comparison can return True or
False, but cannot give the value of the property.
Read Allows the trustee to read the values of the property. This
right includes the Compare right; that is, if the Read right
is given, Compare operations are allowed also.
Write Allows the trustee to add, change, or remove any values
of the property. The Write right implies the Add or
Delete Self right.
Giving the Write right to the ACL property is the same as
giving the Supervisor right to the object.
Add or Delete
Self
Allows the trustee to add or remove itself as a value of
the property, but not to change any other values of the
property. This right is only used for properties where a
User object can be listed as a value, such as group
membership lists or mailing lists. The Write right
includes the Add or Delete Self right.