Consolidated Anonymous Access Rights (Sun Java System Communications Services 6 2005Q4 Delegated Administrator Guide)

Sun Java System Communications Services 6 2005Q4 Delegated Administrator Guide

Previous: Analysis of the Existing ACIs
Next: Original Self Acis

Consolidated Anonymous Access Rights

aci:
(target=”ldap:///$rootSuffix”)
(targetfilter=(!(objectclass=sunServiceComponent)))
(targetattr != “userPassword||passwordHistory
||passwordExpirationTime||passwordExpWarned||passwordRetryCount
||retryCountResetTime||accountUnlockTime||passwordAllowChangeTime”)
(version 3.0; acl “anonymous access rights”;
allow (read,search,compare)
userdn = “ldap:///anyone”; )

Analysis: This ACI, which is on the root, allows the same access as the original collection of anonymous ACIs. It does this by listing a set of excluded attributes. This replacement ACI improves performance by eliminating the (*) in the target.

Previous: Analysis of the Existing ACIs
Next: Original Self Acis