HP-UX Directory Server 8.1 Administrator (766147-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

About CoS......................................................................................................................189

About the CoS definition entry......................................................................................189

About the CoS template entry.......................................................................................189

How a pointer CoS works............................................................................................190

How an indirect CoS works..........................................................................................190

How a classic CoS works.............................................................................................191

Searches for CoS-specified attributes..............................................................................192

Managing CoS using the console......................................................................................193

Creating a new CoS....................................................................................................193

Creating the CoS template entry...................................................................................197

Deleting a CoS...........................................................................................................205

Managing CoS from the command line..............................................................................205

Creating the CoS definition entry from the command line.................................................206

Creating the CoS template entry from the command line..................................................207

Example of a pointer CoS............................................................................................208

Example of an indirect CoS..........................................................................................209

Example of a classic CoS.............................................................................................209

Searching for CoS entries.............................................................................................210

Creating role-based attributes............................................................................................210

Access control and CoS....................................................................................................211

Using views.........................................................................................................................211

Creating views in the console............................................................................................212

Deleting views from the Directory Server Console.................................................................217

Creating views from the command line...............................................................................217

Deleting views from the command line................................................................................217

Using groups.......................................................................................................................217

Managing static groups....................................................................................................218

Managing dynamic groups...............................................................................................221

Creating and managing groups in the command line...........................................................225

Using the memberOf Attribute to manage group membership information...............................226

The MemberOf plug-in syntax.......................................................................................226

Configuring an instance of the MemberOf plug-in from the command line..........................227

Editing the MemberOf Plug-in from the console...........................................................227

Editing the MemberOf Plug-in from the command line.................................................229

Synchronizing memberOf values...................................................................................230

Initializing and regenerating memberOf attributes using fixup-memberof.pl.....................230

Initializing and regenerating memberOf Attributes using ldapmodify.............................230

Support links between two attributes.......................................................................................231

6 Managing Access Control.......................................................................233

Access control principles........................................................................................................233

ACI structure...................................................................................................................233

ACI placement................................................................................................................234

ACI evaluation.................................................................................................................234

ACI limitations.................................................................................................................234

Default ACIs.........................................................................................................................235

Creating ACIs manually.........................................................................................................236

The ACI syntax................................................................................................................236

Defining targets...............................................................................................................236

Targeting a directory entry...........................................................................................237

Targeting attributes......................................................................................................238

Targeting both an entry and attributes............................................................................239

Targeting entries or attributes using LDAP filters...............................................................239

Targeting attribute values using LDAP filters.....................................................................240

Targeting a single directory entry..................................................................................240

Contents 7