--- title: DSEE Compatible Access Control Handler description: The DSEE Compatible Access Control Handler provides an implementation that uses syntax compatible with the Sun Java System Directory Server Enterprise Edition access control handlers. component: pingds version: 8.1 page_id: pingds:configref:objects-dsee-compat-access-control-handler canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-dsee-compat-access-control-handler.html section_ids: parent: Parent dsee_compatible_access_control_handler_properties: DSEE Compatible Access Control Handler properties basic_properties: Basic properties enabled: enabled global-aci: global-aci advanced_properties: Advanced properties java-class: java-class --- # DSEE Compatible Access Control Handler The DSEE Compatible Access Control Handler provides an implementation that uses syntax compatible with the Sun Java System Directory Server Enterprise Edition access control handlers. ## Parent The DSEE Compatible Access Control Handler object inherits from [Access Control Handler](objects-access-control-handler.html). ## DSEE Compatible Access Control Handler properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | --------------------------------------------- | ------------------------- | | [enabled](#enabled) [global-aci](#global-aci) | [java-class](#java-class) | ### Basic properties Use the `--advanced` option to access advanced properties. ### enabled | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Indicates whether the Access Control Handler is enabled. If set to FALSE, then any client (including unauthenticated or anonymous clients) is allowed to bind to the server and any connection with the "bypass-acl" privilege is allowed to perform any operation. | | *Default value* | None | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### global-aci | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Defines global access control rules. | | *Description* | Global access control rules apply to all entries anywhere in the data managed by the PingDS directory server. The global access control rules may be overridden by more specific access control rules placed in the data. | | *Default value* | No global access control rules are defined, which means that no access is allowed for any data in the server unless specifically granted by access control rules in the data. | | *Allowed values* | An access control instruction (ACI). | | *Multi-valued* | Yes | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### java-class | | | | ----------------------- | ----------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the fully-qualified name of the Java class that provides the DSEE Compatible Access Control Handler implementation. | | *Default value* | org.opends.server.authorization.dseecompat.AciHandler | | *Allowed values* | A Java class that extends or implements:- org.opends.server.api.AccessControlHandler | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | Yes | | *Read-only* | No |