My Oracle Support Banner

Access Control List Processing in Oracle Virtual Directory (Doc ID 579691.1)

Last updated on MARCH 18, 2019

Applies to:

Oracle Virtual Directory - Version 10.1.4 and later
Information in this document applies to any platform.


The purpose of this document is to explain Access Control List ( ACL ) processing in Oracle Virtual Directory.

Oracle Virtual Directory ( OVD ) provides a single directory view of different data sources for example databases or LDAP servers.

OVD provides Access Control for the whole virtual namespace.
The OVD Access Controls are processed for incoming OVD requests.

Further Oracle Virtual Directory must conform to the authentication and authorization rules of the connected systems.
OVD connects via an adapter to remote Server to build up the virtual namespace.
This means OVD acts as a client to the connected Server and the security rules applied on the connected Server depend on  the user credentials passed by OVD.
For some adapters ( e.g. LDAP adapter ) a "Pass-Through" mode could be configured at adapter level determining which credentials are passed to the remote Directory system.

In this way Oracle Virtual Directory supports own Access Control and the security inherent in the connected system.It is important to understand that an LDAP operation against OVD depends on the security rules applied in OVD and the connected Server.

This note discusses Access Control List processing in OVD and does not discuss the different "Pass-through" mode settings.


OVD Administrators


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 General OVD ACL information
 ACL Evaluation Rules:
 Access Control Configuration
 Permissions needed for LDAP operations
 Default installed ACLs
 How to create ACLs in OVD

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.