Oracle Fusion Middleware Administration Guide for Oracle Directory Server Enterprise Edition

ACI “HR”

In LDIF, to grant the HR group all rights to the employee branch of the directory, you would use the following statement:


aci: (targetattr="*") (version 3.0; acl "HR"; allow (all)
  groupdn= "ldap:///cn=HRgroup,ou=Groups,dc=example,dc=com";)

This example assumes that the ACI is added to the following entry:


ou=People,dc=example,dc=com