Rules that determine how to return the result of a search operation to a client are called search data hiding rules. For information about creating search data hiding rules, see To Create Search Data Hiding Rules in Sun Directory Server Enterprise Edition 7.0 Administration Guide.
The result of a search operation can be returned in one of the following ways:
The target entry is not returned
The target entry is returned but the specified attributes are filtered out
The target entry is returned but the unspecified attributes are filtered out
Search data hiding rules can be applied to the following entries:
Entries with the specified DN
Entries with the specified DN pattern
Entries with a specified attribute name/attribute value pair (attrName:attrValue)
Search data hiding rules are defined for a given request filtering policy and cannot be used by another request filtering policy. If a request filtering policy is deleted, its associated search data hiding rules are automatically deleted. Zero, one or multiple search data hiding rules can be defined in one request filtering policy.