-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///$rootSuffix”) (targetattr=”*”) (version 3.0; acl “Messaging Server End User Administrator Read Access Rights - product=SOMS,schema 2 support,class=installer,num=1,version=1”; allow (read,search) groupdn=”ldap:///cn=Messaging End User Administrators Group, ou=Groups, $rootSuffix”;)
操作:合并。
此 ACI 可向通讯最终用户管理员组授予权限。
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (target=”ldap:///$rootSuffix”) (targetattr=”objectclass||mailalternateaddress||mailautoreplymode ||mailprogramdeliveryinfo||nswmextendeduserprefs||preferredlanguage ||maildeliveryoption||mailforwardingaddress ||mailAutoReplyTimeout||mailautoreplytextinternal||mailautoreplytext ||vacationEndDate||vacationStartDate||mailautoreplysubject||pabURI ||maxPabEntries||mailMessageStore||mailSieveRuleSource||sunUCDateFormat ||sunUCDateDeLimiter||sunUCTimeFormat”) (version 3.0; acl “Messaging Server End User Adminstrator Write Access Rights - product=SOMS,schema 2 support,class=installer,num=2,version=1”; allow (all) groupdn=”ldap:///cn=Messaging End User Administrators Group, ou=Groups, $rootSuffix”;)
操作:合并。
此 ACI 可向通讯最终用户管理员组授予权限。
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
# # consolidate # aci: (targetattr=”uid||ou||owner||mail||mailAlternateAddress ||mailEquivalentAddress||memberOf ||inetuserstatus||mailuserstatus||memberOfManagedGroup||mailQuota ||mailMsgQuota||inetSubscriberAccountId||dataSource||mailhost ||mailAllowedServiceAcces||pabURI||inetCOS||mailSMTPSubmitChannel ||aci”) (targetfilter=(&(objectClass=inetMailUser)(!(nsroledn=cn=Organization Admin Role,*)))) (version 3.0; acl “Deny write access to users over Messaging Server protected attributes - product=SOMS,schema 2 support,class=installer,num=3,version=1 “; deny (write) userdn = “ldap:///self”;)
操作:合并。
这是若干用于设置自身权限的 ACI 之一。
-------------------------------------------------------------------------------------------------------------