Page created: 22 Jul 2020
|
Page updated: 12 Dec 2022
DSEE offers limited support for restricting access to controls and extended operations. To
the extent that it is possible to control such access with ACIs, DSEE defines entries with a
DN such as "oid={oid},cn=features,cn=config
" where {oid}
is
the OID of the associated control or extended operation. For example, the following DSEE entry
defines ACIs for the persistent search control:
"oid=2.16.840.1.113730.3.4.3,cn=features,cn=config
".
In the PingDirectory Server, the
"targetcontrol
" keyword can be used to define ACIs that grant or deny
access to controls. The "extop
" keyword can be used to define ACIs that grant
or deny access to extended operation requests.