After changing deny statements in ACI's to allow statements, do the ACI's work the same?
Last updated on NOVEMBER 20, 2013
Applies to:Oracle Directory Server Enterprise Edition - Version 6.0 and later
Information in this document applies to any platform.
Recently in a SR related to ODSEE performance issues, support suggested converting all of the deny statements in our ACIs to allow statements.
The following conversion yielded a performance increase of 20%:
deny (add,write,delete) --> allow (search, read, compare)
deny (write,add,delete,compare,proxy) --> allow (search, read)
Questions: Will the new allow statements yield the same security access rights as the original deny statements?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms