15.4 Calendar Access Control

Calendar Server uses Access Control Lists (ACLs) to determine the access control for calendars, calendar properties, and calendar components such as events and todos (tasks).

This section covers the following topics:

• 15.4.1 Configuration Parameters for Access Control

• 15.4.2 Public and Private Events and Tasks Filter

• 15.4.3 Command-Line Utilities for Access Control

15.4.1 Configuration Parameters for Access Control

The following table describes the configuration parameters in the ics.conf file that Calendar Server uses for access control.

Table 15–1 Access Control Configuration Parameters

Parameter	Description
calstore.calendar.default.acl	Specifies the default access control settings used when a user creates a calendar. The default is:  "@@o^a^r^g;@@o^c^wdeic^g; @^a^fs^g;@^c^^g;@^p^r^g"
calstore.calendar.owner.acl	Specifies the default access control settings for owners of a calendar. The default is:  "@@o^a^rsf^g;@@o^c^wdeic^g"
resource.default.acl	Specifies the default access control settings used when a resource calendar is created. The default is:  "@@o^a^r^g;@@o^c^wdeic^g; @^a^rsf^g"

15.4.2 Public and Private Events and Tasks Filter

When creating a new event or task, a user can specify whether the event or task is Public, Private, or Time and Date Only (confidential):

Public

Anyone with read permission to the user’s calendar can view the event or task.

Private

Only owners of the calendar can view the event or task.

Time and Date Only

These are confidential events and tasks. Owners of the calendar can view the event or task. Other users with read permission to the calendar can see only “Untitled Event” on the calendar, and the title is not an active link.

The calstore.filterprivateevents determines whether Calendar Server filters (recognizes) Private, and Time and Date Only (confidential) events and tasks. By default this parameter is set to "yes". If you set calstore.filterprivateevents to "no", Calendar Server treats Private and Time and Date Only events and tasks as if they are Public.

15.4.3 Command-Line Utilities for Access Control

The following table describes the Calendar Server command-line utilities that allow you to set or modify ACLs for access control.

Table 15–2 Command-Line Utilities for Access Control

Utility	Description
cscal	Use the create and modify commands with the -a option to set ACLs for specific user or resource calendars.
csresource	Use the csresource utility with the -a option to set ACLs for resource calendars.
commadmin user csuser	For Schema version 2, use Delegated Administrator Console, or Delegated Administrator Utility, commadmin, to change the default ACL used when a user calendar is created. For Schema version 1, use the csuser utility with the -a option to change the default ACL used when a user creates a calendar.

---

Note –

To set access rights in the Delegated Administrator Console, from the Organization Properties page (also from the Create New Organization wizard), click the Advanced Rights button to see the list of access rights that can be administered from the console.

---