Manualshelf

HP-UX Directory Server 8.1 deployment guide

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
131132133134135136137138139140
For more information about macro ACIs, refer to the HP-UX Directory Server administrator
guide.
Example Corp. adds the following access controls to support its extranet:
Example Corp. decides to use certificate-based authentication for all extranet activities. When
people log in to the extranet, they need a digital certificate. The directory is used to store
the certificates. Because the directory stores the certificates, users can send encrypted email
by looking up public keys stored in the directory.
Example Corp. creates an ACI that forbids anonymous access to the extranet. This protects
the extranet from denial of service attacks.
Example Corp. wants updates to the directory data to come only from an Example Corp.
hosted application. This means that partners and suppliers using the extranet can only use
the tools provided by Example Corp. Restricting extranet users to Example Corp.'s preferred
tools allows Example Corp. administrators to use the audit logs to track the use of the
directory and limits the types of problems that can be introduced by extranet users outside
of Example Corp. International.
140 Directory design examples