Manualshelf

HP-UX Directory Server 8.1 Administrator (766147-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
12345678910
Granting write access to personal entries............................................................................275
ACI "Write example.com"............................................................................................275
ACI "Write Subscribers"...............................................................................................276
Restricting access to key roles............................................................................................277
ACI "Roles"................................................................................................................277
Granting a group full access to a suffix...............................................................................278
ACI "HR"...................................................................................................................278
Granting rights to add and delete group entries...................................................................279
ACI "Create Group"....................................................................................................279
ACI "Delete Group"....................................................................................................280
Granting conditional access to a group or role....................................................................280
ACI "HostedCompany1"..............................................................................................281
Denying access...............................................................................................................282
ACI "Billing Info Read"................................................................................................282
ACI "Billing Info Deny"................................................................................................283
Setting a target using filtering............................................................................................283
Allowing users to add or remove themselves from a group.....................................................284
ACI "Group Members"................................................................................................284
Defining permissions for DNs that contain a comma.............................................................285
Proxied authorization ACI example.....................................................................................285
Advanced access control: Using macro ACIs............................................................................286
Macro ACI example.........................................................................................................286
Macro ACI syntax............................................................................................................288
Macro matching for ($dn)............................................................................................288
Macro matching for [$dn]............................................................................................289
Macro matching for ($attr.attrName).............................................................................289
Access control and replication................................................................................................290
Compatibility with earlier releases..........................................................................................290
7 Managing User Authentication.................................................................291
Managing the password policy..............................................................................................291
Configuring the password policy........................................................................................291
Configuring a global password policy using the console..................................................292
Configuring a subtree/user password policy using the console..........................................293
Configuring a global password policy using the command line.........................................294
Configuring subtree/user password policy using the command line....................................296
Setting user passwords.....................................................................................................298
Password change extended operation.................................................................................298
Configuring the account lockout policy...............................................................................299
Configuring the account lockout policy using the console..................................................300
Configuring the account lockout policy using the command line........................................300
Managing the password policy in a replicated environment...................................................300
Synchronizing passwords..................................................................................................301
Inactivating users and roles....................................................................................................302
Inactivating user and roles using the console.......................................................................302
Inactivating user and roles using the command line..............................................................302
Activating user and roles using the console..........................................................................303
Activating user and roles using the command line................................................................303
Setting Resource Limits Based on the bind DN..........................................................................304
Setting resource limits using the console..............................................................................304
Setting resource limits using the command line.....................................................................304
Setting Resource Limits for Anonymous Binds.......................................................................305
Using pass-through authentication...........................................................................................305
How Directory Server uses PTA..........................................................................................305
PTA plug-in syntax............................................................................................................306
Contents 9