The Directory Proxy Server provides an access control model with strong validation to
help ensure that invalid ACIs are not allowed into the server. For example, the Directory Proxy Server ensures that all access control rules added over LDAP are valid and can
be fully parsed. Any operation that attempts to store one or more invalid ACIs are rejected.
The same validation is applied to ACIs contained in data imported from an LDIF file. Any entry
containing a malformed aci
value will be rejected.
As an additional level of security, the Directory Proxy Server
examines and validates all ACIs stored in the data whenever a backend is brought online. If
any malformed ACIs are found in the backend, then the server generates an administrative alert
to notify administrators of the problem and places itself in lockdown mode. While in lockdown
mode, the server only allows requests from users who have the lockdown-mode
privilege. This action allows administrators to correct the malformed ACI while ensuring that
no sensitive data is inadvertently exposed due to an access control instruction not being
enforced. When the problem has been corrected, the administrator can use the
leave-lockdown-mode tool or restart the server to allow it to resume
normal operation.