Select Schema from the task selection bar. The Attribute Types and Object Classes Click the Create button. The New Object Class dialog box appears.

15-14 Oracle Fusion Middleware Administrator's Guide for Oracle Virtual Directory

7. Click OK on the dialog box to create the new object class. The new object class appears in the Object Classes tree.

15.2.2.4 Modifying Schema Object Classes

Perform the following steps to modify existing Oracle Virtual Directory schema object classes using Oracle Directory Services Manager:

1. Log in to Oracle Directory Services Manager.

2. Select Schema from the task selection bar. The Attribute Types and Object Classes navigation tree appears.

3. Expand the Object Classes entry. A list of the existing schema object classes appears.

4. In the list, click the object class to modify. The object class's definitions appear.

5. Modify the object class's definitions as desired. Refer to step 5 in Creating New Schema Object Classes on page 15-12 for more information on object class definitions.

6. Click Apply to save the changes.

15.2.2.5 Deleting Schema Object Classes

Perform the following steps to delete existing Oracle Virtual Directory schema object classes using Oracle Directory Services Manager:

1. Log in to Oracle Directory Services Manager.

2. Select Schema from the task selection bar. The Attribute Types and Object Classes navigation tree appears.

3. Expand the Object Classes entry. A list of the existing schema object classes appears.

4. In the list, click the object class to delete. The object class's definitions appear.

5. Click the Delete button at the top of the Object Classes tree. A dialog box appears asking you to confirm deleting the object class.

6. Click the Delete button on the confirmation dialog box to delete the object class. The object class is removed from the list of existing object classes in the Object Classes tree.

Note: Refer to step 5 in Creating New Schema Object Classes on page 15-12 for more information on object class definitions.

16 Configuring Oracle Virtual Directory Access Control

This chapter explains how to configure access control for Oracle Virtual Directory and includes the following topics:

■ Creating Access Control Lists Using Oracle Directory Services Manager

■ Managing Access Control Lists Using Oracle Directory Services Manager

16.1 Creating Access Control Lists Using Oracle Directory Services Manager

Perform the following steps to create an ACL using Oracle Directory Services Manager:

1. Log in to Oracle Directory Services Manager.

2. Select Security from the task selection bar. The Access Control Point navigation tree appears listing the existing Access Control Points.

3. Click the Create button. The new ACL dialog box appears.

4. Identify the Access Control Point for the new ACL by entering the DN where you want to apply the new ACL in the DN field.

5. Configure the scope of the new ACL by selecting either entry or subtree from the Scope list. Selecting entry applies the new ACL only at the Access Control Point DN entry in the virtual tree. Selecting subtree applies the new ACL at the Access Control Point DN entry and all the entries in the subtree below it.

6. Click the Create button in the Structural Access Items Entry Level Operations area to create access policy for the entries in the virtual directory tree. The Structural Access configuration dialog box appears.

7. Click the Permissions tab and perform the following to set the entry permissions for the access policy:

Note: If two ACLs differ only by their grant/deny property, the resulting permission will be a deny regardless of the order in which the ACLs are added. For example, the following two ACLs will result in a deny for Search (s) and Read (r) of all attributes for public:

deny:s,r[all]public:

grant:s,r[all]public:
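
The precedence rule in the note, as an added example that is not part of the Oracle guide: it parses ACL strings in the form printed above and reports any grant that a matching deny cancels, which is a useful audit check before adding ACLs at an Access Control Point. The field layout in the regular expression is inferred from the page's two sample strings, and the function names and the `cn` sample entry are constructed for illustration.

```python
import re

# Layout inferred from the two sample strings in the note above (assumption):
#   <grant|deny>:<permission letters>[<attributes>]<subject>:
ACL_RE = re.compile(r"^(grant|deny):([a-z](?:,[a-z])*)\[([^\]]+)\]([^:\[\]]+):$")

def parse_acl(text):
    """Split one ACL string into (action, permissions, attributes, subject)."""
    m = ACL_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised ACL string: {text!r}")
    action, perms, attrs, subject = m.groups()
    # Permission order is irrelevant, so "r,s" and "s,r" compare equal.
    return action, frozenset(perms.split(",")), attrs, subject

def resolve(acls):
    """Resolve the ACLs of one Access Control Point.

    Returns {(permissions, attributes, subject): "grant" | "deny"}.
    Two ACLs that differ only by grant/deny resolve to deny, whatever
    their order. Partial overlaps are not modelled because the note
    does not describe them.
    """
    effective = {}
    for text in acls:
        action, *rest = parse_acl(text)
        key = tuple(rest)
        if action == "deny" or key not in effective:
            effective[key] = action
    return effective

def overridden_grants(acls):
    """Return the grant strings that a matching deny silently cancels."""
    effective = resolve(acls)
    hits = []
    for text in acls:
        action, *rest = parse_acl(text)
        if action == "grant" and effective[tuple(rest)] == "deny":
            hits.append(text)
    return hits

# Constructed sample: the pair from the note plus one unrelated grant.
SAMPLE = ["grant:s,r[all]public:", "deny:r,s[all]public:",
          "grant:s,r[cn]public:"]

if __name__ == "__main__":
    for acl in overridden_grants(SAMPLE):
        print("grant cancelled by a matching deny:", acl)
```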