Novell LDAP Proxy 1.0 Administration Guide - NetIQ
Novell LDAP Proxy 1.0 Administration Guide - NetIQ
Novell LDAP Proxy 1.0 Administration Guide - NetIQ
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Configuring an Operation Restriction Policy<br />
The following elements and attributes are used to configure Operation Restriction policies:<br />
: Specifies that the element configured is an Operation Restriction<br />
policy. This element must have the following attributes:<br />
• id-policy: The identity of the policy. The value of this attribute is used to refer to the policy that<br />
is being configured. It can be any alphanumeric value and must be a unique value. This is a<br />
mandatory attribute.<br />
The element can have the following child elements:<br />
• : An explanation about the policy. This is an optional element used for reference<br />
purposes.<br />
• : The rule associated with the Operation Restriction policy that is configured. Every<br />
policy has a rule.<br />
This element has the following child elements:<br />
• : The condition to be evaluated. This is an optional element defined by using<br />
the , , and elements.<br />
The element is defined by using the equal or not-equal attributes,<br />
and the following operation types:<br />
• <br />
• <br />
• <br />
• <br />
• <br />
• <br />
• <br />
• <br />
• : The action to be performed if the condition evaluates to true.<br />
In the “Example” on page 40, the action to be performed is specified as ,<br />
which means that all incoming requests that do not satisfy the specified condition are<br />
restricted from performing any action on the directory structure.<br />
• : The default action to be performed if the condition evaluates to false.<br />
In the “Example” on page 40, the action to be performed is specified as ,<br />
which means that all incoming requests satisfying the condition are allowed to perform an<br />
action on the directory structure.<br />
Depending on how you want to configure the policy, the and <br />
elements can have the following child elements:<br />
• : Allows the client operations to proceed.<br />
• : Denies the client requests.<br />
Manually Configuring <strong>Novell</strong> <strong>LDAP</strong> <strong>Proxy</strong> 39