Sun Java System Directory Server Enterprise Edition 6.2 Administration Guide

ProcedureTo Configure a Request Filtering Policy

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. View the properties of a request filtering policy.

    $ dpconf get-request-filtering-policy-prop -h host -p port policy-name

    The default properties of a request filtering policy are as follows:

    allow-add-operations                :  true
    allow-bind-operations               :  true
    allow-compare-operations            :  true
    allow-delete-operations             :  true
    allow-extended-operations           :  true
    allow-inequality-search-operations  :  true
    allow-modify-operations             :  true
    allow-rename-operations             :  true
    allow-search-operations             :  true
    allowed-comparable-attrs            :  all
    allowed-search-scopes               :  base
    allowed-search-scopes               :  one-level
    allowed-search-scopes               :  subtree
    allowed-subtrees                    :  ""
    description                         :  -
    prohibited-comparable-attrs         :  none
    prohibited-subtrees                 :  none
  2. Configure the request filtering policy by setting one ore more of the properties listed in Step 1.

    $ dpconf set-request-filtering-policy-prop -h host -p port policy-name \
      property:value [property:value ...]

    By setting the properties listed in Step 1, you configure the following features of the request filtering policy:

    • The types of operations that clients are allowed to perform

    • The subtrees that are exposed to a client or hidden from a client

    • The scope for search operations

    • The types of search filters

    • The attribute types that can or cannot be compared in search and compare operations