Name

dsconfig set-root-dn-prop — Modifies Root DN properties

Synopsis

dsconfig set-root-dn-prop {options}

Root DN

Root Dns of type root-dn have the following properties:

default-root-privilege-name
Description

Specifies the names of the privileges that root users will be granted by default.

Default Value

bypass-lockdown

bypass-acl

modify-acl

config-read

config-write

ldif-import

ldif-export

backend-backup

backend-restore

server-lockdown

server-shutdown

server-restart

disconnect-client

cancel-request

password-reset

update-schema

privilege-change

unindexed-search

subentry-write

changelog-read

Allowed Values
backend-backup

Allows the user to request that the server process backup tasks.

backend-restore

Allows the user to request that the server process restore tasks.

bypass-acl

Allows the associated user to bypass access control checks performed by the server.

bypass-lockdown

Allows the associated user to bypass server lockdown mode.

cancel-request

Allows the user to cancel operations in progress on other client connections.

changelog-read

Allows the user to perform read operations on the changelog

config-read

Allows the associated user to read the server configuration.

config-write

Allows the associated user to update the server configuration. The config-read privilege is also required.

data-sync

Allows the user to participate in data synchronization.

disconnect-client

Allows the user to terminate other client connections.

jmx-notify

Allows the associated user to subscribe to receive JMX notifications.

jmx-read

Allows the associated user to perform JMX read operations.

jmx-write

Allows the associated user to perform JMX write operations.

ldif-export

Allows the user to request that the server process LDIF export tasks.

ldif-import

Allows the user to request that the server process LDIF import tasks.

modify-acl

Allows the associated user to modify the server's access control configuration.

password-reset

Allows the user to reset user passwords.

privilege-change

Allows the user to make changes to the set of defined root privileges, as well as to grant and revoke privileges for users.

proxied-auth

Allows the user to use the proxied authorization control, or to perform a bind that specifies an alternate authorization identity.

server-lockdown

Allows the user to place and bring the server of lockdown mode.

server-restart

Allows the user to request that the server perform an in-core restart.

server-shutdown

Allows the user to request that the server shut down.

subentry-write

Allows the associated user to perform LDAP subentry write operations.

unindexed-search

Allows the user to request that the server process a search that cannot be optimized using server indexes.

update-schema

Allows the user to make changes to the server schema.

Multi-valued

Yes

Required

No

Admin Action Required

None

Advanced Property

No

Read-only

No