Access Control Usage Examples252 Netscape Directory Server Administrator’s Guide • August 20023. On the Users/Groups tab, in the ACI name field, type "Group Members". Inthe list of users granted access permission, do the following:a. Select and remove All Users, then click Add.The Add Users and Groups dialog box is displayed.b. Set the Search area in the Add Users and Groups dialog box to to SpecialRights, and select All Authenticated Users from the Search results list.c. Click the Add button to list All Authenticated Users in the list of users whoare granted access permission.d. Click OK to dismiss the Add Users and Groups dialog box.4. On the Rights tab, tick the checkbox for selfwrite. Make sure the othercheckboxes are clear.5. On the Targets tab, type dc=example,dc=com suffix in the target directoryentry field. In the attribute table, tick the checkbox for the member attribute.All other checkboxes should be clear. This task is made easier if you click theCheck None button to clear the checkoxes for all attributes in the table, thenclikc the Name header to organize them alphabetically, and select theappropriate ones.6. Click OK.The new ACI is added to the ones listed in the Access Control Managerwindow.Defining Permissions for DNs That Contain aCommaDNs that contain commas require special treatement within your LDIF ACIstatements. In the target and bind rule portions of the ACI statement, commas mustbe escaped by a single backslash (\). The following example illustrates this syntax:dn: dc=example.com Bolivia\, S.A.,dc=comobjectClass: topobjectClass: organizationaci: (target="ldap:///dc=example.com Bolivia\,S.A.,dc=com")(targetattr=*) (version 3.0; acl "aci 2"; allow (all)groupdn = "ldap:///cn=Directory Administrators,dc=example.comBolivia\, S.A.,dc=com";)