Global ACIs are a set of ACIs that can apply to entries anywhere in the server, but they can also be scoped so that they only apply to a specific set of entries. These ACIs work in conjunction with access control rules stored in user data and provide a convenient way to define ACIs that span disparate portions of the DIT (Directory Information Tree).

You can apply Global ACIs to administrator access, anonymous and authenticated access, delegated access to a manager or for proxy authorization. The following table includes access control components, descriptions, and the syntax used for each component.
Access Control Components Description Syntax


Specifies the set of entries and/or attributes to which an access control rule applies.

Syntax: (target keyword = || != expression)


Specifies the name of the ACI.


Specifies the type of operations to which an access control rule might apply.

Syntax: allow||deny (permission)

bind rules

Specifies the criteria that indicate whether an access control rule should apply to a given requestor.

Syntax: bind rule keyword = ||!= expression;

The bind rule syntax requires that it be terminated with a ";".

For additional information, see Defining global ACIs in the PingDirectory Server Administration Guide.

  1. Complete the following fields:
    • Subject: Enter a description of your request, including the action to be taken.
    • Environment Type: Specify the type of environment affected by this request.
    • Proposed Change Window: Specify the dates or times in which you want the work complete.
  2. In the Capability list, select PingDirectory service request > ACIs.
  3. In the Access control instruction field, provide the instruction. Include the name of the ACI, targets, permissions, and bind rules.
  4. In the Business Priority list, select the appropriate description:
    • Change needed by deadline to avoid business impact
    • Change modifies existing functionality
    • Change adds new functionality
  5. In the Description field, provide additional information regarding the request.
  6. If you are tracking your request within your organization, enter the tracking ID or ticket number associated with it in the Customer Tracking ID field.
  7. To submit your request, click Save.