Sun Java System Communications Services 6 2005Q4 Delegated Administrator Guide

Consolidated Anonymous Access Rights

(targetattr != “userPassword||passwordHistory
(version 3.0; acl “anonymous access rights”;
allow (read,search,compare)
userdn = “ldap:///anyone”; )

Analysis: This ACI, which is on the root, allows the same access as the original collection of anonymous ACIs. It does this by listing a set of excluded attributes. This replacement ACI improves performance by eliminating the (*) in the target.