Glossary
A |
|
access control | See ACI. |
instruction |
|
access control list | See ACL. |
access rights | In the context of access control, specify the level of access granted or denied. Access rights are |
| related to the type of operation that can be performed on the directory. The following rights |
| can be granted or denied: read, write, add, delete, search, compare, selfwrite, proxy and all. |
account | Disables a user account, group of accounts, or an entire domain so that all authentication |
inactivation | attempts are automatically rejected. |
ACI | An instruction that grants or denies permissions to entries in the directory. |
| See also access control instruction. |
ACL | The mechanism for controlling access to your directory. |
| See also access control list. |
All IDs Threshold | Replaced with the ID list scan limit in Directory Server version 7.1. A size limit which is globally |
| applied to every index key managed by the server. When the size of an individual ID list reaches |
| this limit, the server replaces that ID list with an All IDs token. |
| See also ID list scan limit. |
All IDs token | A mechanism which causes the server to assume that all directory entries match the index key. |
| In effect, the All IDs token causes the server to behave as if no index was available for the search |
| request. |
anonymous | When granted, allows anyone to access directory information without providing credentials, |
access | and regardless of the conditions of the bind. |
approximate | Allows for efficient approximate or |
index |
|
attribute | Holds descriptive information about an entry. Attributes have a label and a value. Each attribute |
| also follows a standard syntax for the type of information that can be stored as the attribute |
| value. |
attribute list | A list of required and optional attributes for a given entry type or object class. |
authenticating | In |
directory server | Server that contains the authentication credentials of the requesting client. The |
| host sends PTA requests it receives from clients to the host. |
authentication | (1) Process of proving the identity of the client user to the Directory Server. Users must provide |
| a bind DN and either the corresponding password or certificate in order to be granted access |
| to the directory. Directory Server allows the user to perform functions or access files and |
| directories based on the permissions granted to that user by the directory administrator. |
| (2) Allows a client to make sure they are connected to a secure server, preventing another |
| computer from impersonating the server or attempting to appear secure when it is not. |
authentication | Digital file that is not transferable and not forgeable and is issued by a third party. Authentication |
certificate | certificates are sent from server to client or client to server in order to verify and authenticate |
| the other party. |
B |
|
base | See base DN. |
distinguished |
|
name |
|
base DN | Base distinguished name. A search operation is performed on the base DN, the DN of the entry |
| and all entries below it in the directory tree. |
55