Oracle Internet Directory Administrator's Guide Release 2.0.6 A77230-01 |
|
This appendix describes the format (syntax) of any Access Control Information Item (ACI).
This appendix covers topics in the following sections:
The access control directive defined by the user attribute orclACI has the following schema:
OrclACI:
{ <oid> NAME 'orclACI' DESC 'Stores an inheritable ACI' EQUALITY
accessDirectiveMatch SYNTAX 'accessDirectiveDescription' USAGE
'directoryOperation'}
accessDirectiveDescription has the following BNF:
<accessDirectiveDescription> ::= access to <object> [by <subject> ( <accessList> )]+ <object> ::= [attr <EQ-OR-NEQ> (<attrList>) | entry] [filter=(<ldapFilter>)] <subject> ::= <entity> [<BindMode>] <entity> ::= * | self | dn="<regex>" | dnAttr=(<dn_attribute>) | group="<dn>" <BindMode> ::= BindMode = Anonymous | BindMode = Simple | BindMode = SSLNoauth | BindMode = SSLOneway | BindMode = SSLTwoway <accessList> ::= <access> | <access>, <accessList> <access> ::= none | compare | search | browse | read | selfwrite | write | add |delete | nocompare | nosearch | nobrowse |noread | noselfwrite | nowrite | noadd | nodelete <attrList> ::= *| <attribute name> | <attribute name>,<attrList> <EQ-OR-NEQ> ::= = | != <regex> ::= <dn> | *,<dn_of_any_subtree_root>
The entry level access control directive defined by the user attribute orclEntryLevelACI has the following schema:
"orclEntryLevelACI":
{ <oid> NAME 'orclEntryLevelACI' DESC 'Stores entry level ACL Directive'
EQUALITY accessDirectiveMatch SYNTAX 'orclEntryLevelACIDescription'
USAGE 'directoryOperation' }
<orclEntryLevelACIDescription>
::= access to <object> [by <subject> ( <accessList> )]+
|
Copyright © 1999 Oracle Corporation. All Rights Reserved. |
|