How are ACL's applied when a user is in multiple groups

book

Article ID: 15975

calendar_today

Updated On:

Products

DX Infrastructure Management NIMSOFT PROBES

Issue/Introduction



When a user is in multiple ACL groups with different permissions what determines which ACL is applied

For Example user x is in Groups 1 and 2.

  • Group 1 has Read Only (R) access
  • Group 2 has Read Write (RW) access

does user x get (R) or (RW)?

Environment

Release: CNMSPP99000-8.47-Unified Infrastructure Mgmt-Server Pack-- On Prem
Component:

Resolution

This depends on the version of UIM

  • 8.47 and above user x receives (RW)
    • From 8.47 If a user is in 2 different Groups , both of which are mapped to an ACL, then the user will be authenticated and both ACL's will be applied, ie the user will receive access to all resources defined in both ACL's. If there is a conflict then the Highest permission is applied. eg (RW) + (R) = (RW)

  • Before 8.47 user x receive (R)
    • Before 8.47 the lowest permission was applied eg (RW) + (R) = (R)