Assume that the policy domain that contains the policies and other relevant Policy Server objects includes a connection to the LDAP user directory in the following diagram.
The sample user directory contains the following:
This is an organization.
This is an organizational unit that contains information for all employees.
These are directory entries for each employee. Note that a_lvl is a user attribute that indicates an access level. For the purpose of the examples in this section, assume that employee1 and employee2 have an access level of zero (a_lvl=0).
This is a group that contains all company employees as its members.
This is a group that contains all employees with a managerial title as its members. Note that employee3 and employee4 are the only employees in this group, and their respective access levels are greater than zero.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |