Show Table of Contents
6.38. nsRoleDn
This attribute contains the distinguished name of all roles that apply to an entry. Membership of a managed role is granted upon an entry by adding the role’s DN to the entry’s
nsRoleDN
attribute. For example:
dn: cn=staff,ou=employees,dc=example,dc=com objectclass: LDAPsubentry objectclass: nsRoleDefinition objectclass: nsSimpleRoleDefinition objectclass: nsManagedRoleDefinition dn: cn=userA,ou=users,ou=employees,dc=example,dc=com objectclass: top objectclass: person sn: uA userpassword: secret nsroledn: cn=staff,ou=employees,dc=example,dc=com
A nested role specifies containment of one or more roles of any type. In that case,
nsRoleDN
defines the DN of the contained roles. For example:
dn: cn=everybody,ou=employees,dc=example,dc=com objectclass: LDAPsubentry objectclass: nsRoleDefinition objectclass: nsComplexRoleDefinition objectclass: nsNestedRoleDefinition nsroledn: cn=manager,ou=employees,dc=example,dc=com nsroledn: cn=staff,ou=employees,dc=example,dc=com
OID | 2.16.840.1.113730.3.1.575 |
Syntax | DN |
Multi- or Single-Valued | Multi-valued |
Defined in | Directory Server |