LDAP supports an added level of security in the form of access control, which allows the server to restrict user access based on user roles.
Access control is implemented in the cluster manager and configured in the policy.xml file. The policy file defines the relationships between resources, roles, and available actions. One configuration works for all cluster managers.
If the policy file is not configured, authorization for authenticated users is not restricted based on user roles.