-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (different name - “allow all” instead of “allow”) (target=”ldap:///($dn),$rootSuffix”) (targetfilter=(!(|(nsroledn=cn=Top-level Admin Role,$rootSuffix) (nsroledn=cn=Top-level Help Desk Admin Role,$rootSuffix) (nsroledn=cn=Top-level Policy Admin Role,$rootSuffix)))) (targetattr != “nsroledn”) (version 3.0; acl “S1IS Organization Admin Role access allow all”; allow (all) roledn =”ldap:///cn=Organization Admin Role,[$dn],$rootSuffix”;)
Action: Consolidate.
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///cn=Organization Admin Role,($dn),$rootSuffix”) (targetattr=”*”) (version 3.0; acl “S1IS Organization Admin Role access deny”; deny (write,add,delete,compare,proxy) roledn = “ldap:///cn=Organization Admin Role,($dn),$rootSuffix”;)
Action: Consolidate.
This ACI pertains to the Organization Admin Role.
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (missing) (target=”ldap:///($dn),$rootSuffix”) (targetattr=”*”) (version 3.0; acl “Organization Admin Role access allow read to org node”; allow (read,search) roledn = “ldap:///cn=Organization Admin Role,($dn),$rootSuffix” ;)
Action: Consolidate.
This ACI pertains to the Organization Admin Role.
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///($dn),$rootSuffix”) (targetfilter=(!(|(nsroledn=cn=Top-level Admin Role,$rootSuffix) (nsroledn=cn=Top-level Help Desk Admin Role,$rootSuffix)))) (targetattr != “nsroledn”) (version 3.0; acl “Organization Admin Role access allow”; allow (all) roledn = “ldap:///cn=Organization Admin Role,[$dn],$rootSuffix”;)
Action: Consolidate.
This ACI pertains to the Organization Admin Role.
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///($dn),$rootSuffix”) (targetattr!=”businessCategory || description || facsimileTelephoneNumber || postalAddress || preferredLanguage || searchGuide || postOfficeBox || postalCode || registeredaddress || street || l || st || telephonenumber ||maildomainreportaddress || maildomainwelcomemessage || preferredlanguage || sunenablegab”) (version 3.0; acl “Organization Admin Role access deny to org node”; deny (write,add,delete) roledn = “ldap:///cn=Organization Admin Role,($dn),$rootSuffix” ;)
Action: Consolidate.
This ACI pertains to the Organization Admin Role.
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///($dn),$rootSuffix”) (targetfilter=(!(|(nsroledn=cn=Top-level Admin Role,$rootSuffix) (nsroledn=cn=Top-level Help Desk Admin Role,$rootSuffix)))) (targetattr != “nsroledn”) (version 3.0; acl “S1IS Organization Admin Role access allow all”; allow (all) roledn = “ldap:///cn=Organization Admin Role,[$dn],$rootSuffix”;)
Action: Consolidate.
-------------------------------------------------------------------------------------------------------------