My Oracle Support Banner

ODSEE ACI Syntax for target (Doc ID 2277895.1)

Last updated on MARCH 29, 2019

Applies to:

Oracle Directory Server Enterprise Edition - Version 11.1.1.7.2 and later
Information in this document applies to any platform.

Goal

Trying to write ACI to give access to few OU's only to specific users.

aci: (targetattr = "*") (target = "ldap:///ou=COMPANY1,o=example.com" or target = "ldap:///ou=COMPANY2,o=example.com") (version 3.0;acl "QA ";allow (all)(userdn = "ldap:///uid=USER1=example.com" or userdn = "ldap:///uid=USER2,o=example.com");)

This is failing as in the documentation don't see any specific target related regular expressions.
aci: (targetattr = "*") (target = "ldap:///ou=COMPANY1,o=example.com") (version 3.0;acl "QA ";allow (all)(userdn = "ldap:///uid=USER1=example.com" or userdn = "ldap:///uid=USER2,o=example.com");) - THIS WORKS because there is no multiple targets

Looking for workable target syntax.
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.