Configuring ACL for LDAP Objects

This topic describes the procedure to configure an ACL at LDAP object level.

Before you begin this task:
You must have the role of systemAdmin or organizationAdmin.


You can define ACLs for LDAP objects using the LDAP Explorer to authorize access permissions on various system resources. You can allow or block access to the LDAP objects for users and roles. The ACL affects the user, or any user with the role, on which it is defined.

  1. On CUSP > My Applications, click (LDAP Explorer). The LDAP Store Explorer window appears and displays the list of LDAP objects (organizations, authenticated users, and applications) with their content.
  2. Expand the tree and select the LDAP object for which you want to set an ACL. Right-click the object and click the Security option. The Security dialog box appears and displays a list of users or roles on which ACLs have been set.
  3. Click the Add button to set an ACL for a user or role. The Organizational Users / Roles dialog box appears and displays a list of users or roles.
  4. Select the required user or role and click the OK button. The Security dialog box appears and displays a list of permissions for users or roles.
    Note: If there are no existing users or roles, the window appears blank.
  5. Select the necessary options from the Read, Update, Insert, and Delete choices. The ACL permission for the selected user or role is set.
  6. Click the Apply button and then the OK button.

    The ACL is set at the LDAP object level.

Related concepts

Conditional ACL

Related tasks

Configuring ACL for Web Service Interfaces and Operations
Configuring ACL for Service Groups
Configuring ACL for Database Metadata
Configuring ACL for XMLStore Objects
Configuring ACL for Roles
Configuring ACL for Users

Related reference

Unconditional ACL
ACL Parameters
ACL Definitions
ACL Explorer Interface

Related information

LDAP Explorer