HP-UX Directory Server 8.1 console guide
5 Setting access controls
Access control instructions (ACIs) can be set in the Directory Console to set limits on what users
can see and what operations they can performa on Directory Server and Administration Server
instances managed in the Console.
ACIs define what operations users can do with a specific instance of Directory Server or
Administration Server. ACIs set rules on areas of the subtree which can be accessed or modified,
what operations are allowed, even what hosts can be used to access the server and what times
of day access is allowed.
For Directory Console, access controls can be used to grant administrative privileges very easily
to specific users and to set restrictions on different aspects of the main Console, such as searcing
the directory, adding and editing users and groups, and editing server or Console settings.
ACIs and access control lists (ACLs) are described in much more detail in the HP-UX Directory
Server administrator guide.
5.1 Granting admin privileges to users for Directory Server and
Administration Server
Users can be granted administrative privileges, the same as the admin user for the Administration
Server and similar to the cn=Directory Manager user in Directory Server (though not exactly
the same as the Directory Manager, which is a special user).
1. Highlight a server in the Console navigation tree.
2. Select the Object menu, and choose Set Access Permissions.
Alternatively, right-click the entry, and choose Set Access Permissions.
3. Click Add to add a new user to the list of administrators for the server. The default users,
Directory Manager for the Directory Server and admin for the Administration Server,
are not listed in the Set Permissions Dialog box.
5.1 Granting admin privileges to users for Directory Server and Administration Server 53