Red Hat Directory Server 8.0 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Red Hat Directory Server Software

2.5. Access Control and CoS ...................................................................162

3. Using Views ................................................................................................162

3.1. Creating Views in the Console ..........................................................163

3.2. Deleting Views from the Directory Server Console ..............................164

3.3. Creating Views from the Command Line ............................................164

3.4. Deleting Views from the Command Line ............................................165

4. Using Groups .............................................................................................165

4.1. Managing Static Groups ...................................................................165

4.2. Managing Dynamic Groups ...............................................................167

6. Managing Access Control ....................................................................................169

1. Access Control Principles ............................................................................169

1.1. ACI Structure ...................................................................................169

1.2. ACI Placement .................................................................................170

1.3. ACI Evaluation .................................................................................170

1.4. ACI Limitations .................................................................................170

2. Default ACIs ...............................................................................................171

3. Creating ACIs Manually ...............................................................................172

3.1. The ACI Syntax ................................................................................173

3.2. Defining Targets ...............................................................................173

3.3. Defining Permissions ........................................................................180

4. Bind Rules ..................................................................................................184

4.1. Bind Rule Syntax ..............................................................................185

4.2. Defining User Access - userdn Keyword ............................................186

4.3. Defining Group Access - groupdn Keyword ........................................190

4.4. Defining Role Access - roledn Keyword .............................................190

4.5. Defining Access Based on Value Matching ........................................191

4.6. Defining Access from a Specific IP Address .......................................196

4.7. Defining Access from a Specific Domain ............................................197

4.8. Defining Access at a Specific Time of Day or Day of Week .................198

4.9. Defining Access Based on Authentication Method ..............................199

4.10. Using Boolean Bind Rules ...............................................................201

5. Creating ACIs from the Console ...................................................................202

5.1. Displaying the Access Control Editor .................................................203

5.2. Creating a New ACI ..........................................................................204

5.3. Editing an ACI ..................................................................................209

5.4. Deleting an ACI ................................................................................210

6. Viewing ACIs ..............................................................................................210

7. Get Effective Rights Control .........................................................................211

7.1. Using Get Effective Rights from the Command-Line ...........................212

7.2. Using Get Effective Rights from the Console ......................................215

7.3. Get Effective Rights Return Codes ....................................................215

8. Logging Access Control Information .............................................................216

9. Access Control Usage Examples .................................................................216

9.1. Granting Anonymous Access ............................................................217

9.2. Granting Write Access to Personal Entries .........................................219

9.3. Restricting Access to Key Roles ........................................................222

9.4. Granting a Group Full Access to a Suffix ............................................224

vii