Previous Topic Next topic Print topic


Resource Entities

You can specify properties about your ESF LDAP resource entities on the Resource Config dialog box.
Name

Specify the unique name of the resource class.

Description

Specify a description of the resource class.

ACL String

Specify the Access Control List(ACL) string for the resource entity. The ACL specifies the access rights for the resource entity. Each entry in an ACL is referred to as an Access Control Entry, or ACE. These entries are separated by semi-colons.

Each ACE specifies an actor, which is a user, a wildcard pattern for users, or a group, and one or more permissions that are granted (allow) or denied (deny) to that actor. The format for the ACE is as follows:

setting:actor:action-1,...,action-n

Where:

  • setting is allow or deny
  • actor is the name of a user, a pattern with one or more wildcards (see Wildcards) string that will be matched against the user's name, or a group name or wildcard pattern followed by a space and the word group (eg "ADMIN group")
  • action-1 through action-n are permission tokens:
    • none
    • execute
    • read
    • update
    • add
    • delete
    • control
    • alter
    • all

For example, the following ACL string:

allow:Test group:Execute,Read,Update,Add,Delete;allow:Operator group:Read

assigns the Test group execute, read, update, add and delete permissions for the resource, and assigns the Operator group read permission.

Previous Topic Next topic Print topic