0N/A<?
xml version="1.0" encoding="UTF-8"?>
0N/A ! The contents of this file are subject to the terms of the 0N/A ! Common Development and Distribution License, Version 1.0 only 0N/A ! (the "License"). You may not use this file except in compliance 809N/A ! See the License for the specific language governing permissions 809N/A ! and limitations under the License. 0N/A ! When distributing Covered Code, include this CDDL HEADER in each 0N/A ! If applicable, add the following below this CDDL HEADER, with the 0N/A ! fields enclosed by brackets "[]" replaced with your own identifying 0N/A ! Portions Copyright [yyyy] [name of copyright owner] 0N/A ! Copyright 2015 ForgeRock AS. 0N/A version="5.0" xml:
lang="en" 0N/A <
title>Examples</
title>
0N/A For the following examples the directory admin user, Kirsten Vaughan,
0N/A has <
literal>ds-privilege-name: password-reset</
literal>
0N/A and the following ACI on <
literal>ou=People,dc=example,dc=com</
literal>.
0N/A <
programlisting language="aci">
0N/A(target="ldap:///ou=People,dc=example,dc=com") (targetattr ="*||+")(
0N/A version 3.0;acl "Admins can run amok"; allow(all) groupdn =
0N/A "ldap:///cn=Directory Administrators,ou=Groups,dc=example,dc=com";)
0N/A The following command locks a user account.
0N/A$ <
userinput>manage-account -p 4444 -D "uid=kvaughan,ou=people,dc=example,dc=com" \
0N/A -w bribery set-account-is-disabled -O true \
0N/A -b uid=bjensen,ou=people,dc=example,dc=com -X</
userinput>
0N/A<
computeroutput>Account Is Disabled: true</
computeroutput>
0N/A The following command unlocks a user account.
809N/A$ <
userinput>manage-account -p 4444 -D "uid=kvaughan,ou=people,dc=example,dc=com" \
809N/A -w bribery clear-account-is-disabled \
809N/A -b uid=bjensen,ou=people,dc=example,dc=com -X</
userinput>
809N/A<
computeroutput>Account Is Disabled: false</
computeroutput>