5.6. Access Control
Access Control Lists (ACLs) provide a means to protect information stored in an LDAP directory. Using ACLs, administrators can restrict access to different portions of the directory or specific directory entries. Each entry within the IBM SecureWay Directory has an associated ACL. In conformance with the LDAP model, the directory server stores the ACL information as attribute-value pairs. Furthermore, the LDIF syntax may be used to administer (retrieve/store) these values.
ACL information is broken into two distinct subgroups: The entry owner and the entry ACL. Each directory entry must have both an entry owner and an entry ACL.
Entry owner – The entry owner has complete permissions to perform any operation on the object ...
Get LDAP Implementation Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
