ACIs - PingOne Advanced Services - PingOne

ACIs - PingOne Advanced Services - PingOne - PingOne Cloud Platform

PingOne Advanced Services

bundle

pingoneadvancedservices

ft:publication_title

PingOne Advanced Services

Product_Version_ce

PingOne Advanced Services

PingOne

PingOne Cloud Platform

category

Product

p1advanced

p1cloudplatform

ContentType_ce

To add, modify, or remove access control instructions (ACIs), submit a request through the service request form, accessible from the Support Portal.

Global ACIs are a set of ACIs that can apply to entries anywhere in the server, but they can also be scoped so that they only apply to a specific set of entries. These ACIs work in conjunction with access control rules stored in user data and provide a convenient way to define ACIs that span disparate portions of the DIT (Directory Information Tree).

You can apply Global ACIs to administrator access, anonymous and authenticated access, delegated access to a manager or for proxy authorization. The following table includes access control components, descriptions, and the syntax used for each component.

Access Control Components	Description	Syntax
targets	Specifies the set of entries and/or attributes to which an access control rule applies.	Syntax: `(target keyword = \|\| != expression)`
name	Specifies the name of the ACI.
permissions	Specifies the type of operations to which an access control rule might apply.	Syntax: `allow\|\|deny (permission)`
bind rules	Specifies the criteria that indicate whether an access control rule should apply to a given requestor.	Syntax: `bind rule keyword = \|\|!= expression;` The bind rule syntax requires that it be terminated with a ";".

For additional information, see Defining global ACIs in the PingDirectory Server Administration Guide.

Complete the following fields:
- Subject: Enter a description of your request, including the action to be taken.
- Environment Type: Specify the type of environment affected by this request.
- Proposed Change Window: Specify the dates or times in which you want the work complete.
In the Capability list, select PingDirectory service request > ACIs.
In the Access control instruction field, provide the instruction. Include the name of the ACI, targets, permissions, and bind rules.
In the Business Priority list, select the appropriate description:
- Change needed by deadline to avoid business impact
- Change modifies existing functionality
- Change adds new functionality
In the Description field, provide additional information regarding the request.
If you are tracking your request within your organization, enter the tracking ID or ticket number associated with it in the Customer Tracking ID field.
To submit your request, click Save.