Access Control Usage ExamplesChapter 6 Managing Access Control 2456. In the Hosts tab, click Add, and in the DNS host filter field, type*.example.com. Click OK to dismiss the dialog box.7. Click OK in the Access Control Editor window.The new ACI is added to the ones listed in the Access Control Managerwindow.ACI “Anonymous World”In LDIF, to grant read and search access of the individual subscribers subtree to theworld, while denying access to information on unlisted subscribers, you couldwrite the following statement:aci: (targetfilter= "(!(unlistedSubscriber=yes))")(targetattr="homePostalAddress || homePhone || mail") (version3.0; acl "Anonymous World"; allow (read, search) userdn="ldap:///anyone";)This example assumes that the ACI is added to theou=subscribers,dc=example,dc=com entry. It also assumes that every subscriberentry has an unlistedSubscriber attribute which is set to yes or no. The targetdefinition filters out the unlisted subscribers based on the value of this attribute.For details on the filter definition, refer to “Setting a Target Using Filtering,” onpage 260.From the Console, you can set this permission by doing the following:1. In the Directory tab, right click the Subscribers entry under the example.comnode in the left navigation tree, and choose Set Access Permissions from thepop-up menu to display the Access Control Manager.2. Click New to display the Access Control Editor.3. In the Users/Groups tab, in the ACI name field, type Anonymous World. Checkthat All Users is displayed in the list of users granted access permission.4. In the Rights tab, tick the checkboxes for read and search rights. Make surethe other checkboxes are clear.5. In the Targets tab, click This Entry to display the dc=subscribers,dc=example,dc=com suffix in the target directory entry field.a. In the filter for subentries field, type the following filter:(!(unlistedSubscriber=yes))