Defining User Access - userdn Keyword
157
The quotation marks (
""
) around
expression
and the delimiting semicolon (
;
) are required. The
expressions you can use depend on the associated
keyword
.
Table 6.3, “LDIF Bind Rule Keywords”
lists each keyword and the associated expressions and
indicates whether wildcard characters are allowed in the expression.
Keyword
Valid Expressions
Wildcard Allowed
userdn
ldap:///
distinguished_name
ldap:///all
ldap:///anyone
ldap:///self
ldap:///parent
ldap:///
suffix
??scope?(
filter
)
Yes, in DN only
groupdn
ldap:///
DN
||
DN
No
roledn
ldap:///
DN
||
DN
No
userattr
attribute
#
bindType
or
attribute
#
value
No
ip
IP_address
Yes
dns
DNS_host_name
Yes
dayofweek
sun mon tue wed thu fri sat
No
timeofday
0 - 2359
No
authmethod
none
simple
ssl
sasl
sasl_mechanism
No
Table 6.3. LDIF Bind Rule Keywords
6.4.2. Defining User Access - userdn Keyword
User access is defined using the
userdn
keyword. The
userdn
keyword requires one or more valid
distinguished names in the following format:
userdn = "ldap:///
dn
[|| ldap:///
dn
]...[||ldap:///
dn
]"
dn
can be a DN or one of the expressions
anyone
,
all
,
self
, or
parent
:
userdn = "ldap:///anyone"
Defines anonymous access
userdn = "ldap:///all"
Defines general access
userdn =ldap:///self"
Defines self access
userdn =ldap:///parent"
Defines access for the parent entry
The
userdn
keyword can also be expressed as an LDAP filter:
ldap:///
suffix
??scope?(
filter
)
Summary of Contents for DIRECTORY SERVER 8.0
Page 18: ...xviii ...
Page 29: ...Configuring the Directory Manager 11 6 Enter the new password and confirm it 7 Click Save ...
Page 30: ...12 ...
Page 112: ...94 ...
Page 128: ...110 ...
Page 190: ...Chapter 6 Managing Access Control 172 4 Click New to open the Access Control Editor ...
Page 224: ...206 ...
Page 324: ...306 ...
Page 334: ...316 ...
Page 358: ...340 ...
Page 410: ...392 ...
Page 420: ...402 ...
Page 444: ...426 ...
Page 454: ...436 ...
Page 464: ...446 ...
Page 484: ...466 ...
Page 512: ...494 ...
Page 522: ...504 ...