My Oracle Support Banner

After changing deny statements in ACI's to allow statements, do the ACI's work the same? (Doc ID 1596700.1)

Last updated on NOVEMBER 20, 2013

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.0 and later
Information in this document applies to any platform.


Recently in a SR related to ODSEE performance issues, support suggested converting all of the deny statements in our ACIs to allow statements.

The following conversion yielded a performance increase of 20%:

deny (add,write,delete) --> allow (search, read, compare)
deny (write,add,delete,compare,proxy) --> allow (search, read)

Questions: Will the new allow statements yield the same security access rights as the original deny statements?


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.