The FusionDirectory ACLs system allows you to control changes while delegating tasks to different users and/or groups.
ACLs can be used to grant rights to FusionDirectory content to users other than the administrator. They can be used to allow users to modify their own information, for example, or for a project manager to modify users on his team.
Create an ACL role in FusionDirectory
In order to establish what a user or a group can do in the interface, it is necessary to create ACL roles which determine the assignments of rights.
Each role has the following properties:
- Name : role name
- Description : a brief description of what can be done by this role
How to assign an ACL
After creating a role, you can say what a person has the right to do.
ACL assignments are characterized by three basic elements:
- LDAP operating mode
- the role dn, which defines the rights assigned to a person in relation to the ACLs assigned to him.
- the person to whom the access control list is assigned
Each user has their own interface
Result of roles assignment: the Administrator view of the interface will not be the same as the Manager’s.