# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License"). You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at legal-notices/CDDLv1_0.txt.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information:
# Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2009 Sun Microsystems, Inc.
#
dn: cn=Access Control Handler,cn=config
changetype: modify
add: ds-cfg-global-aci
ds-cfg-global-aci: (target="ldap:///dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; allow (all)(userdn = "ldap:///uid=my_application,dc=groups,dc=com");)
-
add: ds-cfg-global-aci
ds-cfg-global-aci: (target="ldap:///ou=static,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_staticgroup1,dc=groups,dc=com");)
-
add: ds-cfg-global-aci
ds-cfg-global-aci: (target="ldap:///ou=static,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_staticgroup2,dc=groups,dc=com");)
-
add: ds-cfg-global-aci
ds-cfg-global-aci: (target="ldap:///ou=dynamic,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_dynamicgroup1,dc=groups,dc=com");)
-
add: ds-cfg-global-aci
ds-cfg-global-aci: (target="ldap:///ou=dynamic,dc=groups,dc=com")(targetattr = "*")(version 3.0;acl "access for application"; deny (all)(groupdn = "ldap:///cn=my_dynamicgroup2,dc=groups,dc=com");)