This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
XDAS Account Management
XDAS Account Management

Version management

Difference between version and

At line 1 added 25 lines
!!! Overview
[{$pagename}] is an [XDASv2 Event] is applicable to the management of [principal] accounts. A [principal] may be an end-user. By default [Organizational Person], [Person], and User [object classes] are mapped to accounts.
NOTE: The [Modify Account Security Token] event can be defined in terms of [MODIFY_ACCOUNT], but modification of account security tokens is considered critical to audit security, and is thus given its own event.
Blame or credit for an action goes to the identity for a set of activities within a system.
Account Management Event [Taxonomy]
%%zebra-table
%%sortable
%%table-filter
||Event Name||[Event Identifier|XDAS Event Identifier]||Corresponding eDir Event||Description||Use
|[CREATE_ACCOUNT]|0.0.0.0|[DSE_CREATE_ENTRY]\\[DSE_LDAP_ADD]\\[DSE_LDAP_ADDRESPONSE]\\[DSE_NAME_COLLISION]|Create a new account|Consider this event as appropriate for any situation wherein an account, as defined above, is to be created.
|[DELETE_ACCOUNT]|0.0.0.1|[DSE_DELETE_ENTRY]\\[DSE_LDAP_DELETE]\\[DSE_LDAP_DELETERESPONSE]\\[DSE_MOVE_SOURCE_ENTRY]\\[DSE_REMOVE_ENTRY]|Delete an existing account|This event has the opposite semantic meaning of account creation. Use this event wherever such an account, as described above, is to be deleted.
|[DISABLE_ACCOUNT]|0.0.0.2|DSE_ADD_VALUE|Disable an existing account|Consider this event relevant for any situation where a particular record in an identifier database is disabled by an administrator or an automated security process such that it can no longer be used until it is re-enabled
|[ENABLE_ACCOUNT]|0.0.0.3|[DSE_ADD_VALUE]|Enable an existing account|This is the counterpart event to the disable account event defined above.
|[QUERY_ACCOUNT]|0.0.0.4|[DSE_SEARCH]\\[DSE_DSA_READ]\\[DSE_INSPECT_ENTRY]\\[DSE_LDAP_SEARCH|SearchRequest]\\[DSE_LDAP_SEARCHENTRYRESPONSE|Search Responses]\\[DSE_LDAP_COMPARE|Compare Request]|Query an existing account|Consider the Query account events whenever a request for the attribute information of a particular account is made.
|[MODIFY_ACCOUNT]|0.0.0.5|DSE_MERGE_ENTRIES\\DSE_ADD_VALUE\\DSE_DELETE_ATTRIBUTE\\DSE_DELETE_VALUE\\[DSE_LDAP_MODDN|ModifyDNRequest]\\[DSE_LDAP_MODDNRESPONSE|Modify DN Response]\\[DSE_LDAP_MODIFY|Modify Request]\\[DSE_LDAP_MODIFYRESPONSE|Modify Response]\\DSE_MODIFY_ENTRY\\DSE_MODIFY_RDN\\DSE_RENAME_ENTRY|Modify an existing account|Consider the Modify account events whenever a request to change attribute information of a particular account is made.
|[MODIFY_ACCOUNT_SECURITY_TOKEN] |0.0.0.6|[DSE_CHGPASS]|Modify an existing account security token|An account security token may be a [password], or any other type of [Credential] materials associated with a user account. Here, a user account means any type of account by which a user, application, or system service may authenticate, and then act with the rights of that account.
/%
/%
/%!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop