Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Web & Directory Servers >> Directory Servers

adding priveleges to roles using amadmin

I was able to add the priveleges to a role in the Access Manager GUI, but I am not able to do that using the amadmin command. Does anybody know how to do this? Thanks,Ravi
[192 byte] By [raviph3] at [2007-11-26 8:32:28]
«« add user to denygroups on disable
»» how to log out using BASIC authentication
# 1

i found the answer for this one. Add this to your xml data file

<OrganizationRequests DN="dc=iplanet,dc=com">

<CreatePolicy

createDN="o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=iplanet ,dc=com">

<Policy name="DataStoreReadyPolicy" referralPolicy="false"

active="true">

<Rule name="delegation-rule">

<ServiceName name="sunAMDelegationService" />

<ResourceName

name="sms://*dc=myretsu,dc=com/sunIdentityRepositoryService/*/" />

<AttributeValuePair>

<Attribute name="READ" />

<Value>allow</Value>

</AttributeValuePair>

</Rule>

<Subjects name="ReadyOnlySubjects" description="">

<Subject name="delegation-subject"

type="AMIdentitySubject" includeType="inclusive">

<AttributeValuePair>

<Attribute name="Values" />

<Value>

id=employee,ou=role,dc=myretsu,dc=com,amsdkdn=cn=employee,dc=iplanet,dc=com

</Value>

<Value>

id=manager,ou=role,dc=myretsu,dc=com,amsdkdn=cn=manager,dc=iplanet,dc=com

</Value>

</AttributeValuePair>

</Subject>

</Subjects>

</Policy>

</CreatePolicy>

</OrganizationRequests>

raviph3 at 2007-7-6 21:56:36 > top of Java-index,Web & Directory Servers,Directory Servers...
Web & Directory Servers
Directory Servers

Web & Directory Servers New Topic

Web & Directory Servers Hot Topic

Web & Directory Servers

All Classified