Administration Guide › Set Up Access Controls › Configure Access Controls › Create Access Control Rules

Create Access Control Rules

Each access control rule is a command in a configuration file. When a DSA starts, it reads its configuration files, and applies the settings it finds.

Note: You can not enter control rules directly in the CA Directory console.

To set up access control rules

1. Enable access controls.
2. Set up access control rules for one or more of the following access levels:

   Super users

   Super users have unrestricted read and update access to all parts of the DSA.

   To set access controls for super users, use the command set super-user.

   Administrative users

   Administrative users typically have read and update privileges over a specified directory subtree.

   To set access controls for administrative users, use the command set admin-user.

   Protected items

   Protected items take away privileges from registered users and public users.

   To set access controls for protected items, use the command set protected-items.

   Registered users

   Registered users typically have read access to a specified subtree.

   To set access controls for registered users, use the command set reg-user.

   Public users

   Public (anonymous) users typically have read-only access to a specified subtree.

   To set access controls for public users, use the command set public-user.

3. Save the access configuration file.
4. Restart the DSA.

More information:

set admin-user Command—Configure Administrative User Access Level Rights

set super-user Command—Configure Super User Access Level Rights

set reg-user Command—Configure Registered User Access Level Rights

set public-user Command—Configure Anonymous User Access Level Rights

set protected-items Command—Configure Protected Items Access Level Controls