Creating ACL's for SecureLogin

Novell Cool Solutions: Tip

Reader Rating

Digg This - Slashdot This

Posted: 14 Oct 2004

Creating ACLs for SecureLogin

by Uffie Bager

Note: This tip was sent in by Uffie Bager. Thanks to him and all the rest of you who send in Cool Solutions tips - keep them coming!

Problem

Some Admins continue to manage users in NT/AD. But if you are using SecureLogin for Single Sign-On, the rights for the SecureLogin attributes are not automatically created in NT/AD. Therefore, the newly created users will not be able to use SecureLogin until the Admin runs NDSSCHEMA.EXE to assign the rights to them.

Solution

Just let DirXML create the ACL for the SecureLogin Attributes when a new user is created. Add the script below to your Publisher Command Transform, and that will create the ACL's for SecureLogin 3.x.

Here's the sample script file:

<xsl:template match="add[@class-name='user']">
  <xsl:copy>
    <xsl:apply-templates select="@*"/>
      <add-attr attr-name="ACL">
        <value type="structured">
          <component name="protectedName">Prot:SSO Entry</component>
      <component name="trustee">\[Self]</component>
        <component name="privileges">15</component>
      </value>
      <value type="structured">
         <component name="protectedName">Prot:SSO Auth</component>
        <component name="trustee">\[Self]</component>
        <component name="privileges">15</component>
      </value>
        <value type="structured">
          <component name="protectedName">Prot:SSO Security Prefs</component>
          <component name="trustee">\[Self]</component>
        <component name="privileges">15</component>
        </value>
        <value type="structured">
          <component name="protectedName">Prot:SSO Entry Checksum</component>
          <component name="trustee">\[Self]</component>
          <component name="privileges">15</component>
         </value>
      <value type="structured">
        <component name="protectedName">Prot:SSO Security Checksum</component>
        <component name="trustee">\[Self]</component>
        <component name="privileges">15</component>
      </value>
    </add-attr>
  </xsl:copy>
</xsl:template>

Like what you see?
Sign up for our weekly newsletter.

Want to contribute?
It could earn you a nano! Learn more.

Like Wikis?
Join the Cool Solutions Wiki.

Interested?
Request a sales call

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com