Configuring soft deletes by connection criteria
Use this section for instructions on enabling and disabling soft deletes with connection criteria.
The PingDirectory server supports soft deletes where any delete operation is treated as a soft-delete request as long as the LDAP client meets the connection criteria.
To configure soft deletes:
-
Define the connection criteria used in a client connection policy.
-
Configure the soft delete connection criteria in the soft-delete policy.
Enabling soft deletes by connection criteria
Before you begin
Configure a soft-delete policy and global configuration, as shown in Configuring Soft Deletes as a Global Configuration.
Steps
-
Create a connection criteria using
dsconfig
and name itInternal Applications
.Example:
In the following example the soft delete connection criteria is configured for a member of a line of business (LOB) applications group connecting from the 10.8.1.0 network.
$ bin/dsconfig create-connection-criteria \ --criteria-name "Internal Applications" \ --type simple \ --set included-client-address:10.8.1.0/8 \ --set "all-included-user-group-dn:cn=LOB Applications,ou=Groups,dc=example,dc=com"
-
Set the
auto-soft-delete-connection-criteria
property to the soft-delete connection criteria you created in step 1.Example:
$ bin/dsconfig set-soft-delete-policy-prop \ --policy-name default-soft-delete-policy \ --set "auto-soft-delete-connection-criteria:Internal Applications"
Disabling soft deletes by connection criteria
About this task
Disable soft deletes by connection criteria.
Steps
-
Reset the
auto-soft-delete-connection-criteria
property on the soft-delete policy.Example:
$ bin/dsconfig set-soft-delete-policy-prop \ --policy-name default-soft-delete-policy \ --reset auto-soft-delete-connection-criteria