Sun Java System Calendar Server 6 2005Q4 Administration Guide

Calendar Access Control

Calendar Server uses Access Control Lists (ACLs) to determine the access control for calendars, calendar properties, and calendar components such as events and todos (tasks).

This section covers the following topics:

Configuration Parameters for Access Control

The following table describes the configuration parameters in the ics.conf file that Calendar Server uses for access control.

Table 15–1 Access Control Configuration Parameters


Parameter	Description
`calstore.calendar.default.acl`	Specifies the default access control settings used when a user creates a calendar. The default is: `"@@o^a^r^g;@@o^c^wdeic^g;` `@^a^fs^g;@^c^^g;@^p^r^g"`
`calstore.calendar.owner.acl`	Specifies the default access control settings for owners of a calendar. The default is: `"@@o^a^rsf^g;@@o^c^wdeic^g"`
`resource.default.acl`	Specifies the default access control settings used when a resource calendar is created. The default is: `"@@o^a^r^g;@@o^c^wdeic^g;` `@^a^rsf^g"`

Public and Private Events and Tasks Filter

When creating a new event or task, a user can specify whether the event or task is Public, Private, or Time and Date Only (confidential):

Public: Anyone with read permission to the user’s calendar can view the event or task.
Private: Only owners of the calendar can view the event or task.
Time and Date Only: These are confidential events and tasks. Owners of the calendar can view the event or task. Other users with read permission to the calendar can see only “Untitled Event” on the calendar, and the title is not an active link.

The calstore.filterprivateevents determines whether Calendar Server filters (recognizes) Private, and Time and Date Only (confidential) events and tasks. By default this parameter is set to "yes". If you set calstore.filterprivateevents to "no", Calendar Server treats Private and Time and Date Only events and tasks as if they are Public.

Command-Line Utilities for Access Control

The following table describes the Calendar Server command-line utilities that allow you to set or modify ACLs for access control:

Table 15–2 Command-Line Utilities for Access Control


Utility	Description
`cscal`	Use the `create` and `modify` commands with the `-a` option to set ACLs for specific user or resource calendars.
`csresource`	If you are creating resource calendars with `csresource` (you are in Schema 1 mode), use the `csresource` utility with the `-a` option to set ACLs for resource calendars.
`commadmin user` `csuser`	Use the Schema 2 `commadmin` utility to change the default ACL used when a user creates a calendar. Use the Schema 1 `csuser` utility with the `-a` option to change the default ACL used when a user creates a calendar.

Note –

To set access rights in the Delegated Administrator Console, from the Organization Properties page (also from the Create New Organization wizard), click the Advanced Rights button to see the list of access rights that can be administered from the console.