and

Specifies a set of tests that are performed and whose results are logically ANDed together. A set of <and> elements enclosed by a <conditions> are ORed together.

Example

See <policy>.

Allowed Content

Element

Description

if-association

Tests an association.

if-attr

Tests an attribute in the current operation or the current object in the source data store.

if-class-name

Tests the object class of the current operation.

if-dest-attr

Tests an attribute of the current object in the destination data store.

if-dest-dn

Tests the destination DN of the current operation.

if-entitlement

Tests an entitlement of the current object.

if-global-variable

Tests a global variable.

if-local-variable

Tests a local variable.

if-named-password

Tests a named password.

if-op-attr

Tests an attribute in the current operation.

if-op-property

Tests an operation property.

if-operation

Tests the name of the current operation.

if-password

Tests the password of the current operation.

if-src-attr

Tests an attribute of current object in the source data store.

if-src-dn

Tests the source DN of the current operation.

if-xml-attr

Tests an XML attribute of the current operation.

if-xpath

Tests an XPath expression.

Attributes

Attribute

Possible Values

Default Value

disabled

true | falseTrue if this element is disabled.

false

notrace

true | false

True if this element should not be traced during execution of policy.

false

Content Rule

( if-association | if-attr | if-class-name | if-dest-attr | if-dest-dn | if-entitlement | if-global-variable | if-local-variable | if-named-password | if-op-attr | if-op-property | if-operation | if-password | if-src-attr | if-src-dn | if-xml-attr | if-xpath ) *

Parent Elements

Element

Description

arg-conditions

Conditions argument.

conditions

Conditions under which the actions of a <rule> are performed.