The introduction of security policies requires careful planning to ensure that the measures adopted are appropriate to the systems being used. Such considerations are beyond the scope of this documentation. This topic gives a brief overview of the steps involved in using the Security Facility to control user authentication and authorization, and resource access control.
For instructions on extending LDAP repositories, click here.
For more details about configuration options, see Understanding security configuration.
For instructions on setting configuration options, see Configuring Security Options.
The order of the managers on the list determines the order in which they are queried when handling a security request, and this may, depending on other configuration options, affect the result of a query.
You can now add the appropriate security managers from the security manager pool to the list that you are using.
Directory Server security involves two forms of access control:
Application access is always controlled by the security managers on the security manager list. Access to the administration screens is only controlled if you set the Restrict administration access security configuration option. See Restricting administration access.
For Enterprise Server, changes that you make to security configuration, including the addition, removal or re-sequencing of security managers will take effect when you restart the enterprise server.
For Directory Server, most changes take effect when you click OK or Apply. (Some changes may require restarting Directory Server. After applying a change, be sure to check the status line near the top of the Directory Server Administration screen to see if any errors were reported.) However, where Restrict administrative access is set, and the changes might change the credentials needed to access the administrative screens, you will be asked to confirm the changes by supplying:
This is to ensure that you do not inadvertently prevent yourself from administering the system.