How are ACL's applied when a user is in multiple groups


Article ID: 15975


Updated On:


DX Infrastructure Management NIMSOFT PROBES


When a user is in multiple ACL groups with different permissions what determines which ACL is applied

For Example user x is in Groups 1 and 2.

  • Group 1 has Read Only (R) access
  • Group 2 has Read Write (RW) access

does user x get (R) or (RW)?


Release: CNMSPP99000-8.47-Unified Infrastructure Mgmt-Server Pack-- On Prem


This depends on the version of UIM

  • 8.47 and above user x receives (RW)
    • From 8.47 If a user is in 2 different Groups , both of which are mapped to an ACL, then the user will be authenticated and both ACL's will be applied, ie the user will receive access to all resources defined in both ACL's. If there is a conflict then the Highest permission is applied. eg (RW) + (R) = (RW)

  • Before 8.47 user x receive (R)
    • Before 8.47 the lowest permission was applied eg (RW) + (R) = (R)