Page created: 24 Jul 2019
|
Page updated: 6 Nov 2019
A target expression specifies the set of entries and/or attributes to which an access
control rule applies. The keyword specifies the type of target element. The
expression specifies the items that is targeted by the access control rule. The
operator is either the equal ("=") or not-equal ("!="). Note that the "!=" operator cannot
be used with targattrfilters
and targetscope
keywords. For
specific examples on each target keyword, see the section Working with Targets.
(keyword [=||!=]expression)
The following keywords are supported for use in the target portion of ACIs:
Target Keyword | Description | Wildcards |
---|---|---|
extop | Specifies the OIDs for any extended operations to which the access control rule should apply. | No |
target | Specifies the set of entries, identified using LDAP URLs, to which the access control rule applies. | Yes |
targattrfilters | Identifies specific attribute values based on filters that may be added to or removed from entries to which the access control rule applies. | Yes |
targetattr | Specifies the set of attributes to which the access control rule should apply. | Yes |
targetcontrol | Specifies the OIDs for any request controls to which the access control rule should apply. | No |
targetfilter | Specifies one or more search filters that may be used to indicate the set of entries to which the access control should apply. | Yes |
targetscope | Specifies the scope of entries, relative to the defined target entries or the entry containing the ACI fi there is no target, to which the access control rule should apply. | No |