ODSEE ACI Syntax for target (Doc ID 2277895.1)

Last updated on JUNE 22, 2017

Applies to:

Oracle Directory Server Enterprise Edition - Version 11.1.1.7.2 and later
Information in this document applies to any platform.

Goal

Trying to write ACI to give access to few OU's only to specific users.

aci: (targetattr = "*") (target = "ldap:///ou=COMPANY1,o=example.com" or target = "ldap:///ou=COMPANY2,o=example.com") (version 3.0;acl "QA ";allow (all)(userdn = "ldap:///uid=USER1=example.com" or userdn = "ldap:///uid=USER2,o=example.com");)

This is failing as in the documentation don't see any specific target related regular expressions.
aci: (targetattr = "*") (target = "ldap:///ou=COMPANY1,o=example.com") (version 3.0;acl "QA ";allow (all)(userdn = "ldap:///uid=USER1=example.com" or userdn = "ldap:///uid=USER2,o=example.com");) - THIS WORKS because there is no multiple targets

Looking for workable target syntax.
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms