Skip Navigation Links | |
Exit Print View | |
Oracle Fusion Middleware Architecture Reference for Oracle Unified Directory 11g Release 1 (11.1.1) |
2. The Directory Server Access Control Model
3. Understanding the Directory Server Schema
4. Directory Server Index Databases
5. Directory Server Replication
Assigning Privileges to Normal Users
Most LDAP directory servers typically have a single superuser (for example, cn=Directory Manager in Oracle Directory Server Enterprise Edition), which is much like the root account in traditional UNIX systems. This account can bypass access controls and other restrictions that can be enforced for other users. In the directory server , however, two key changes are made to this model: it is possible to define multiple root users, and a privilege subsystem that makes it possible to control capabilities on a more fine-grained level.
The following sections describe root user accounts and the privilege subsystem: