Deny Write Access Role ACIs (Technical Note: Sun Java System Access Manager ACI Guide)

Technical Note: Sun Java System Access Manager ACI Guide

Previous: Container Admin Role ACIs
Next: User ACIs

Deny Write Access Role ACIs

ACI 1:

aci: (targetattr = "*")
(version 3.0; acl "S1IS Deny write to anonymous user"; deny (add,write,delete) 
roledn ="ldap:///cn=Deny Write Access,ROOT_SUFFIX";)

Members of the Deny Write Access role (that is, anonymous users) do not have add, write, or delete rights to all entries under the root suffix. Anonymous users are allowed only to search and read entries.

Previous: Container Admin Role ACIs
Next: User ACIs