2. The Directory Server Access Control Model
3. Understanding the Directory Server Schema
4. Directory Server Index Databases
5. Understanding Directory Server Plug-Ins
6. Directory Server Replication
Assigning Privileges to Normal Users
Most LDAP directory servers typically have a single superuser (for example, cn=Directory Manager in the Sun Java System directory server), which is much like the root account in traditional UNIX® systems. This account can bypass access controls and other restrictions that can be enforced for other users. In the directory server , however, two key changes are made to this model: it is possible to define multiple root users, and a privilege subsystem that makes it possible to control capabilities on a more fine-grained level.
This section discusses the following topics: