Access Control

LDAP supports an added level of security in the form of access control, which allows the server to restrict user access based on user roles.

Access control is implemented in the cluster manager and configured in the policy.xml file. An administrator can provide relationships among the resources he or she wants to access, the roles he or she has, and which actions are available. One configuration works for all cluster managers.

• Roles, Resources, and Actions
  To restrict user access through the access control system, a user must have a defined role. This role must be associated with resources and authorized actions for the resource.
• Configuring Access Control
  Create and develop relationships among roles, resources, and actions by editing the XML policy file.
• Sample Policies for Authorization Roles
  Use the policy.xml file to control access to cricial functions based on authorization role.
• Configuring the Server for Access Control
  Only LDAP can be used as a security provider for access control.
• Recovering Administrative Access
  If you lose administrative access rights to Sybase Event Stream Processor, there are manual steps you can take to recover them.