26.2 Directory Permissions Assignment

Based upon the above attribute descriptions and functions, specific roles might be granted the following permissions:

  • Complete SecureLogin Management:

    • protocom-SSO-Auth-Data = Read and Write

    • protocom-SSO-Entries = Read and Write

    • protocom-SSO-Entries-Checksum = Read and Write

    • protocom-SSO-Security-Prefs = Read and Write

    • protocom-SSO-Security-Prefs-Checksum = Read and Write

  • Script, Credentials, and Clear Object Data administration:

    • protocom-SSO-Auth-Data = Read and Write

    • protocom-SSO-Entries = Read and Write

    • protocom-SSO-Entries-Checksum = Read and Write

Depending on the needs of your organization, these permissions can be assigned to specific users or groups at an organizational unit level. The following discussion demonstrates the creation of a SecureLogin Administration group and the delegation of permissions to an organizational unit that is one level below the top level organizational units in the Directory hierarchy.