Anonymous_User Absent Member.
Absent Member.
611 views

attribute value based ACL?


Is it possible to define ACLs that grant access not on a specific
attribute but only to a attribute IF it is of value a, value, b etc

ie if I have a structure like
\data\users

and i want to give access to a technical user
system\systemusers\techuserA to all objects in \data\users IF attribute
company=X

Is there a way to do this in eDirectory?


--
dominiquevocat
------------------------------------------------------------------------
dominiquevocat's Profile: https://forums.netiq.com/member.php?userid=2210
View this thread: https://forums.netiq.com/showthread.php?t=42631

Labels (1)
0 Likes
2 Replies
Anonymous_User Absent Member.
Absent Member.

Re: attribute value based ACL?

Rights granted to attribute-based dynamic groups?

On 26.09.2012 14:24, dominiquevocat wrote:
>
> Is it possible to define ACLs that grant access not on a specific
> attribute but only to a attribute IF it is of value a, value, b etc
>
> ie if I have a structure like
> \data\users
>
> and i want to give access to a technical user
> system\systemusers\techuserA to all objects in \data\users IF attribute
> company=X
>
> Is there a way to do this in eDirectory?
>
>

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: attribute value based ACL?


Wolfgang Schreiber;201870 Wrote:
> Rights granted to attribute-based dynamic groups?
>
> Hi, no - i would like to give "conditional" rights, like
>
> user x can read all objects where attribute X has value Y
>
> In the meantime i read that i might get away with "computed ACL" is i
> think what they call it in active directory shops - but i would really
> love to have kind of "dynamic ACL".
>
> The ideas is to have pretty much all user objects in one ou and give
> access to applications consuming over ldap only to the users meeting
> some criteria like legal entity or site or country.



--
dominiquevocat
------------------------------------------------------------------------
dominiquevocat's Profile: https://forums.netiq.com/member.php?userid=2210
View this thread: https://forums.netiq.com/showthread.php?t=42631

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.