Exit Print View

Sun OpenDS Standard Edition 2.2 Architectural Reference

Get PDF Book Print View
 
Previous Next

Document Information

1.  Introduction

2.  The Directory Server Access Control Model

3.  Understanding the Directory Server Schema

4.  Directory Server Index Databases

5.  Understanding Directory Server Plug-Ins

6.  Directory Server Replication

7.  Directory Server Root Users and the Privilege Subsystem

Root User Accounts

Privilege Subsystem

Assigning Privileges to Normal Users

Assigning Privileges to Root Users

8.  Supported Controls and Operations

Chapter 7

Directory Server Root Users and the Privilege Subsystem

Most LDAP directory servers typically have a single superuser (for example, cn=Directory Manager in the Sun Java System directory server), which is much like the root account in traditional UNIX® systems. This account can bypass access controls and other restrictions that can be enforced for other users. In the directory server , however, two key changes are made to this model: it is possible to define multiple root users, and a privilege subsystem that makes it possible to control capabilities on a more fine-grained level.

This section discusses the following topics:

Legal Copyright 1994-2009 Sun Microsystems, Inc.
Previous Next