Chapter 6. Managing Access Control

2.In the Access Control Manager window, highlight the ACI to edit, and click Edit.

3.Make the edits to the ACI in the Access Control Editor; the different screens are described more in Section 5.2, “Creating a New ACI” and in the online help.

4.When you have finished editing the ACI, click OK.

The Access Control Editor windows closes, and the modified ACI is listed in the Access

Control Manager.

5.4. Deleting an ACI

To delete an ACI, do the following:

1.In the Directory tab, right-click the top entry in the subtree, and choose Set Access Permissions from the pop-up menu.

The Access Control Manager window opens with a list of ACIs belonging to the entry.

2.In the Access Control Manager window, select the ACI to delete.

3.Click Remove.

The ACI is no longer listed in the Access Control Manager window.

6. Viewing ACIs

All the ACIs under a single suffix in the directory can be viewed from the command line by using the following ldapsearch command: 1

ldapsearch -h host -p port -b baseDN -D rootDN -w rootPassword (aci=*) aci

See the Directory Server Configuration, Command, and File Reference for information on using the ldapsearch utility.

From the Directory Server Console, all of the ACIs that apply to a particular entry can be viewed through the Access Control Manager.

1.Start the Directory Server Console. See Section 4, “Starting the Directory Server Console”.

2.In the Directory tab, right-click the entry in the navigation tree, and select Set Access

1The LDAP tools referenced in this guide are Mozilla LDAP, installed with Directory Server in the

/usr/lib/mozldap directory on Red Hat Enterprise Linux 5 i386; directories for other platforms are listed in Section 2, “LDAP Tool Locations”. However, Red Hat Enterprise Linux systems also include LDAP tools from OpenLDAP. It is possible to use the OpenLDAP commands as shown in the examples, but you must use the -xargument to disable SASL and allow simple authentication.

210

Page 230
Image 230
HP UX Red Hat Direry Server Software manual Viewing ACIs, Deleting an ACI, Control Manager