Access control

You will want to make private contacts available only to the contact owner. This means you must prevent outsider users from accessing them. Typically, in an LDAP directory, even anonymous users have read access to many of the contact attributes. Therefore, special access control must be established through the use of Netscape Directory Server's access control instructions (ACIs).

If you are using a folder dedicated to a single user's private contacts, then ACI just needs to be established for the folder. Note that this is CIC's default configuration, and CIC will automatically insert the correct ACI values when it creates the folder objects.

If you are not using a folder, or if you're using a folder that contains private contact entries for multiple users, then you must establish ACI in the contact entry instead of the folder entry. The sample attribute mapping file, i3person_map.txt, has an example of how to set up ACI for the contacts; the sample folder attribute file, i3genfolder_map.txt, has an example of how to set up ACI set up for folders. For more information, see i3person_map.txt example file; inetorgperson_map.txt example file; and i3genfolder_map.txt file.

For more information about ACI's, refer to any authoritative documentation on LDAP.