Overview#

XDAS Account Management is an XDASv2 Event involving an identity is a token used to represent a particular user or entity.

Blame or credit for an action goes to the identity for a set of activities within a system.

Accounts exist in the application domains to associate attributes with the set of identifiers typically associated with identities.

Identities can be a human being or an automated identity, such as another service, which is acting on behalf of a human or a regularly scheduled system activity. In both the cases, account management is considered as persistent account creation, wherein an identity with some limited or unlimited set of system rights is associated with attributes.

Account Management Event Taxonomy

Event NameEvent IdentifierCorresponding eDir EventDescriptionUse
Create Account0.0.0.0DSE_CREATE_ENTRY
DSE_LDAP_ADD
DSE_LDAP_ADDRESPONSE
DSE_NAME_COLLISION
Create a new accountConsider this event as appropriate for any situation wherein an account, as defined above, is to be created.
Delete Account0.0.0.1DSE_DELETE_ENTRY
DSE_LDAP_DELETE
DSE_LDAP_DELETERESPONSE
DSE_MOVE_SOURCE_ENTRY
DSE_REMOVE_ENTRY
Delete an existing accountThis event has the opposite semantic meaning of account creation. Use this event wherever such an account, as described above, is to be deleted.
Disable Account0.0.0.2DSE_ADD_VALUEDisable an existing accountConsider this event relevant for any situation where a particular record in an identifier database is disabled by an administrator or an automated security process such that it can no longer be used until it is re-enabled
Enable Account0.0.0.3DSE_ADD_VALUEEnable an existing accountThis is the counterpart event to the disable account event defined above.
Query Account0.0.0.4DSE_SEARCH
DSE_DSA_READ
DSE_INSPECT_ENTRY
DSE_LDAP_SEARCH
DSE_LDAP_SEARCHENTRYRESPONSE
DSE_LDAP_COMPARE
Query an existing accountConsider the Query account events whenever a request for the attribute information of a particular account is made.
Modify Account0.0.0.5DSE_MERGE_ENTRIES
DSE_ADD_VALUE
DSE_DELETE_ATTRIBUTE
DSE_DELETE_VALUE
DSE_LDAP_MODDN
DSE_LDAP_MODDNRESPONSE
DSE_LDAP_MODIFY
DSE_LDAP_MODIFYRESPONSE
DSE_MODIFY_ENTRY
DSE_MODIFY_RDN
DSE_RENAME_ENTRY
Modify an existing accountConsider the Modify account events whenever a request to change attribute information of a particular account is made.
Modify Account Security Token0.0.0.6DSE_CHGPASSModify an existing account security tokenAn account security token may be a password, or any other type of authentication materials associated with a user account. Here, a user account means any type of account by which a user, application, or system service may
authenticate, and then act with the rights of that account.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-9) was last changed on 22-Sep-2016 19:45 by jim