This topic describes the resource classes and entities that are used to control access to the functionality of Enterprise Server Administration.
Note: Please note that the management of permissions for MFDS Internal Security differs from that for other Security Managers, and is covered separately by Legacy Directory Server Security Model.
This class contains a set of predefined entities that correspond to the screens and functions used to manage the configuration of MF Directory Server and to access the user, group and resource property screens for security managers. The entities, the functions that they control, and the permissions that a user requires are as follows:
Entity | Controls | Permission required |
---|---|---|
Repository Access | Saving a copy of the repository to a file system directory. | Read |
Importing data from a file system directory. | Add | |
Restoring a repository from a file system directory. The process of restoring overwrites all of the information in the current repository. | Add, Delete | |
Deletion of the entire Directory Server repository including all enterprise servers. | Add, Delete | |
Options | Changing of Directory Server options. | Update |
Object Permissions | Allocation of permissions on individual enterprise servers. | Update |
Directory Discovery | Viewing of a list of the Directory Servers that your Directory Server can detect on the network. | Execute |
Execution Control | Shutting down of the Directory Server. | Execute |
User Administration | Management of user accounts and user groups, and the setting of permissions. | Update, Add, Delete |
The entities contained in this class correspond to, and control the configuration of, Enterprise Servers.
Entity | Controls | Permission required |
---|---|---|
Server Name | Viewing of enterprise server configuration information. | Read |
Starting and stopping of enterprise servers. | Execute | |
Modification of configuration information for an enterprise server. | Update | |
Adding of listeners, services and packages to an enterprise server. When set as a default permission for the group, it also permits the adding of enterprise servers. | Add | |
Deletion of enterprise servers, and of listeners, services and packages from an enterprise server. | Delete |