This optional class can be used to restrict access to the ESF Administration facility. Resources are named for ESF Admin commands, for example ADDUSER and ALTGROUP. If an applicable rule is defined in this category, the user making the Admin request must have execute permission or the request is denied.