Access Control Model (I)

• Access Control Model for LDAP, E. Stokes, D. Byrne, B. Blakey. <draft-ietf-.ldapext-acl-model-o6.txt> July 2000

  • LDAP functional model (add, delete, modify and search) for the manipulation of access control information
  • additional control:
    • getEffectiveRightsRequest and -Response
  • RootDSE Attribute supportedACIMechanism with Attribute aCIMechanism
  • privileges for Attributes: read, write, search, compare
  • privileges for entries: add, delete, editDN, browseDN
  • policyOwner Attribute names who is allowed to set ACIs

Previous slide

Next slide

Back to first slide

View graphic version