ACIs - PingOne Advanced Services - PingOne Cloud Platform - PingOne

PingOne Advanced Services

bundle
pingoneadvancedservices
ft:publication_title
PingOne Advanced Services
Product_Version_ce
PingOne Advanced Services
PingOne Cloud Platform
PingOne
category
Product
p1
p1advanced
p1cloudplatform
ContentType_ce

To add, modify, or remove access control instructions (ACIs), submit a request through the service request form, accessible from the Support Portal.

Global ACIs are a set of ACIs that can apply to entries anywhere in the server, but they can also be scoped so that they only apply to a specific set of entries. These ACIs work in conjunction with access control rules stored in user data and provide a convenient way to define ACIs that span disparate portions of the DIT (Directory Information Tree).

You can apply Global ACIs to administrator access, anonymous and authenticated access, delegated access to a manager or for proxy authorization. The following table includes access control components, descriptions, and the syntax used for each component.
Access Control Components Description Syntax

targets

Specifies the set of entries and/or attributes to which an access control rule applies.

Syntax: (target keyword = || != expression)

name

Specifies the name of the ACI.

permissions

Specifies the type of operations to which an access control rule might apply.

Syntax: allow||deny (permission)

bind rules

Specifies the criteria that indicate whether an access control rule should apply to a given requestor.

Syntax: bind rule keyword = ||!= expression;

The bind rule syntax requires that it be terminated with a ";".

For additional information, see Defining global ACIs in the PingDirectory Server Administration Guide.

  1. Complete the following fields:
    • Subject: Enter a description of your request, including the action to be taken.
    • Environment Type: Specify the type of environment affected by this request.
    • Proposed Change Window: Specify the dates or times in which you want the work complete.
  2. In the Capability list, select PingDirectory service request > ACIs.
  3. In the Access control instruction field, provide the instruction. Include the name of the ACI, targets, permissions, and bind rules.
  4. In the Business Priority list, select the appropriate description:
    • Change needed by deadline to avoid business impact
    • Change modifies existing functionality
    • Change adds new functionality
  5. In the Description field, provide additional information regarding the request.
  6. If you are tracking your request within your organization, enter the tracking ID or ticket number associated with it in the Customer Tracking ID field.
  7. To submit your request, click Save.