HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)
The Access Control Editor prevents creating more complex ACIs in visual editing mode, especially
ACIs with any of these characteristics:
• Deny access (“Permissions syntax” (page 242)).
• Create value-based ACIs (“Targeting attributes” (page 237)).
• Define parent access (“Parent access (parent keyword)” (page 244)).
• Create ACIs that contain Boolean bind rules (“Using Boolean bind rules” (page 254)).
• Create ACIs that use the roledn, userattr, authmethod keywords.
NOTE:
In the Access Control Editor, click the Edit Manually button at any time to check the LDIF
representation of the ACI changes made through the graphical interface.
6.5.1 Displaying the Access Control Editor
1. Start the Directory Server Console. Log in using the bind DN and password of a privileged
user, such as the Directory Manager, who has write access to the ACIs configured for the
directory.
/opt/dirsrv/bin/hpds-idm-console
2. Select the Directory tab.
3. Right-click the entry in the navigation tree for which to set access control, and select Set Access
Permissions from the pop-up menu.
Alternatively, highlight the entry, and select Set Access Permissions from the Object menu.
4. Click New to open the Access Control Editor.
6.5 Creating ACIs from the console 255