Rights refers to eDirectory trustee rights and trustees.When you create a tree, the default rights assignments give your network generalized access and security. Some of the default assignments are as follows:
The assignment of rights involves a trustee and a target object. The trustee represents the user or set of users that are receiving the authority. The target represents those network resources the users have authority over.
In eDirectory, rights assignments on containers can be inheritable or non-inheritable. In the NetWare file system, all rights assignments on folders are inheritable. In both eDirectory and NetWare, you can block such inheritance on individual subordinate items so that the rights aren’t effective on those items, no matter who the trustee is. One exception is that the Supervisor right can’t be blocked in the NetWare file system.
To block rights from flowing down the eDirectory tree:
In Roles and Tasks, select
> .Specify the name and context of the object whose inherited rights filter you want to modify, then click
.This displays a list of the inherited rights filters that have already been set on the object.
On the property page, edit the list of inherited rights filters as needed.
To edit the list of filters, you must have the Supervisor or Access Control right to the ACL property of the object. You can set filters that block inherited rights to the object as a whole, to all the properties of the object, and to individual properties, and click
.NOTE:These filters won’t block rights that are explicitly granted a trustee on this object, because such rights aren’t inherited.
To modify trustee rights:
In Roles and Tasks, select
> .Specify the name of the trustee whose rights you want to view, then click
.Click
to view and change.Click
or , according to your task.Click
.Fill in the
and fields. iManager searches for the Trustee Name within the scope of the container defined in the Context field.Users can receive rights in a number of ways, such as explicit trustee assignments, inheritance, and security equivalence. Rights can also be limited by inherited rights filters and changed or revoked by lower trustee assignments. The net result of all these actions—the rights a user can employ—are called effective rights.
A user’s effective rights to an object are calculated each time the user attempts an action. To view effective rights:
In Roles and Tasks, select
> .Specify the name of the trustee whose rights you want to view, then click
.