My Oracle Support Banner

After changing deny statements in ACI's to allow statements, do the ACI's work the same? (Doc ID 1596700.1)

Last updated on NOVEMBER 20, 2013

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.0 and later
Information in this document applies to any platform.

Goal

Recently in a SR related to ODSEE performance issues, support suggested converting all of the deny statements in our ACIs to allow statements.

The following conversion yielded a performance increase of 20%:

deny (add,write,delete) --> allow (search, read, compare)
deny (write,add,delete,compare,proxy) --> allow (search, read)

Questions: Will the new allow statements yield the same security access rights as the original deny statements?
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.