Resource Classes for MF Directory Server

This topic describes the resource classes and entities that are used to control access to the functionality of Enterprise Server Administration.

Note: Please note that the management of permissions for MFDS Internal Security differs from that for other Security Managers, and is covered separately by Legacy Directory Server Security Model.

Class - Enterprise Server Administration

This class contains a set of predefined entities that correspond to the screens and functions used to manage the configuration of MF Directory Server and to access the user, group and resource property screens for security managers. The entities, the functions that they control, and the permissions that a user requires are as follows:

Entity Controls Permission required
Repository Access Saving a copy of the repository to a file system directory. Read
Importing data from a file system directory. Add
Restoring a repository from a file system directory. The process of restoring overwrites all of the information in the current repository. Add, Delete
Deletion of the entire Directory Server repository including all enterprise servers. Add, Delete
Options Changing of Directory Server options. Update
Object Permissions Allocation of permissions on individual enterprise servers. Update
Directory Discovery Viewing of a list of the Directory Servers that your Directory Server can detect on the network. Execute
Execution Control Shutting down of the Directory Server. Execute
User Administration Management of user accounts and user groups, and the setting of permissions. Update, Add, Delete

Class - Servers

The entities contained in this class correspond to, and control the configuration of, Enterprise Servers.

Entity Controls Permission required
Server Name Viewing of enterprise server configuration information. Read
Starting and stopping of enterprise servers. Execute
Modification of configuration information for an enterprise server. Update
Adding of listeners, services and packages to an enterprise server. When set as a default permission for the group, it also permits the adding of enterprise servers. Add
Deletion of enterprise servers, and of listeners, services and packages from an enterprise server. Delete

Related topics: