-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///ou=services,$rootSuffix”) (targetfilter=(!(objectclass=sunServiceComponent))) (targetattr = “*”) (version 3.0; acl “S1IS Services anonymous access”; allow (read, search, compare) userdn = “ldap:///anyone”;)
動作︰合併為單一匿名 ACI。
這是可以授予匿名權限的 ACI 之一。
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///ou=iPlanetAMAdminConsoleService,*,$rootSuffix”) (targetattr = “*”) (version 3.0; acl “S1IS iPlanetAMAdminConsoleService anonymous access”; allow (read, search, compare) userdn = “ldap:///anyone”;)
動作︰合併為單一匿名 ACI。
這是可以授予匿名權限的 ACI 之一。
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # discard # aci: (target=”ldap:///$rootSuffix”) (targetfilter=(entrydn=$rootSuffix)) (targetattr=”*”) (version 3.0; acl “S1IS Default Organization delete right denied”; deny (delete) userdn = “ldap:///anyone”; )
動作︰捨棄。
此 ACI 可以阻止任何使用者 (rootdn 之外) 刪除預設組織。
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # discard # aci: (target=”ldap:///cn=Top-level Admin Role,$rootSuffix”) (targetattr=”*”) (version 3.0; acl “S1IS Top-level admin delete right denied”; deny(delete) userdn = “ldap:///anyone”; )
動作︰捨棄。
此 ACI 可阻止任何使用者 (rootdn 之外) 刪除頂層管理員角色。
-------------------------------------------------------------------------------------------------------------