Oracle® Internet Directory Administrator's Guide 10g (9.0.4) Part Number B12118-01 |
|
Setting up Access Controls for Creation and Search Bases for Users and Groups, 3 of 3
--- BEGIN LDIF file contents--- dn: %groupsearch_or_createbase_dn% changetype: modify add: orclaci orclaci: access to entry by group="cn=IASAdmins, cn=groups,cn=OracleContext,%subscriberdn%" added_object_constraint=(objectclass=orclcontainer) (browse,add) orclaci: access to entry by group="cn=oracledascreategroup, cn=groups,cn=OracleContext,%subscriberdn%" added_object_constraint=(objectclass=orclgroup*) (browse,add) by group="cn=Common Group Attributes, cn=Groups,cn=OracleContext,%subscriberdn%" (browse) orclaci: access to entry filter=(&(objectclass=orclgroup)(orclisvisible=false)) by groupattr=(owner) (browse, add, delete) by dnattr=(owner) (browse, add, delete) by group="cn=Common Group Attributes, cn=Groups,cn=OracleContext,%subscriberdn%" (browse) by * (none) orclaci: access to entry filter=(&(objectclass=orclgroup)(!(orclisvisible=false))) by group="cn=oracledascreategroup, cn=groups,cn=OracleContext,%subscriberdn%" added_object_constraint=(objectclass=orclgroup) (browse,add) by group="cn=oracledasdeletegroup, cn=groups,cn=OracleContext,%subscriberdn%" (browse,delete) by group="cn=oracledaseditgroup, cn=Groups,cn=OracleContext,%subscriberdn%" (browse) by groupattr=(owner) (browse, add, delete) by dnattr=(owner) (browse, add, delete) by group="cn=Common Group Attributes, cn=Groups,cn=OracleContext,%subscriberdn%" (browse) orclaci: access to attr=(*) filter=(&(objectclass=orclgroup)(orclisvisible=false)) by groupattr=(owner) (read,search,write,compare) by dnattr=(owner) (read,search,write,compare) by * (none) by group="cn=Common Group Attributes, cn=Groups,cn=OracleContext,%subscriberdn%" (read, search, compare) orclaci: access to attr=(*) filter=(&(objectclass=orclgroup)(!(orclisvisible=false))) by groupattr=(owner) (read,search,write,compare) by dnattr=(owner) (read,search,write,compare) by group="cn=oracledaseditgroup, cn=groups,cn=OracleContext,%subscriberdn%" (read,search,write,compare) by group="cn=Common Group Attributes, cn=Groups,cn=OracleContext,%subscriberdn%" (read, search, compare) - add: orclentrylevelaci orclentrylevelaci: access to entry by group="cn=oracledascreategroup, cn=groups,cn=OracleContext,%subscriberdn%" added_object_constraint=(objectclass=orclgroup) (browse, add) by group="cn=IASAdmins, cn=groups,cn=OracleContext,%subscriberdn%" added_object_constraint=(objectclass=orclcontainer) (browse,add) by * (browse) ---END LDIF file contents------
%subscriberdn%
with the DN of the subscriber and %groupsearch_or_createbase_dn%
with the new value of the container DN where the new group search base or group create base points to.
ldapmodify -p oidport -h oidhost -D cn=orcladmin -w Instance Password -v -f group_aci.ldif
|
![]() Copyright © 1999, 2003 Oracle Corporation. All Rights Reserved. |
|