ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahy_5.4.0.1/rzahyeffectacl.htm

68 lines
3.6 KiB
HTML

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Directory Server (LDAP) - Effective ACLs</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="rzahyeffectacl"></a>
<h3 id="rzahyeffectacl">Effective ACLs</h3>
<p>Effective ACLs are the explicit and inherited ACLs of the selected entry.
You can view the access rights for a specific effective ACL by selecting it
and clicking the <span class="bold">View</span> button. The <span class="bold">View access rights</span> panel opens.</p>
<p><span class="bold">Viewing access rights</span></p>
<ul>
<li>The <span class="bold">Rights</span> section displays the addition and deletion
rights of the subject.
<ul>
<li><span class="bold">Add child</span> grants or denies the subject the right
to add a directory entry beneath the selected entry.</li>
<li><span class="bold">Delete entry</span> grants or denies the subject the right
to delete the selected entry.</li></ul></li>
<li>The <span class="bold">Security class</span> section defines permissions for
security classes. Attributes are grouped into security classes:
<ul>
<li><span class="bold">Normal</span> - Normal attribute classes require the least
security, for example, the attribute commonName.</li>
<li><span class="bold">Sensitive</span> - Sensitive attribute classes require
a moderate amount of security, for example homePhone.</li>
<li><span class="bold">Critical</span> - Critical attribute classes require the
most security, for example, the attribute userpassword.</li>
<li><span class="bold">System</span> - System attributes are read only attributes
that are maintained by the server.</li>
<li><span class="bold">Restricted</span> - Restricted attributes are used to define
access control.</li></ul>Each security class has permissions associated with it.
<ul>
<li><span class="bold">Read</span> - the subject can read
attributes.</li>
<li><span class="bold">Write</span> - the subject can change the attributes.</li>
<li><span class="bold">Search</span> - the subject can search
attributes.</li>
<li><span class="bold">Compare</span> - the subject can compare
attributes.</li></ul></li></ul>
<p>Click <span class="bold">OK</span> to return to the Effective ACLs
tab.</p>
<p>Click <span class="bold">Cancel</span> to return to the Edit ACL
panel.</p>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>