acl detach

Detaches the current ACL policy from a protected object. This command does not delete the ACL policy from the ACL database.

Requires authentication (administrator ID and password) to use this command.

Syntax

acl detach object_name

Description

Only one access control list at a time can be attached to an object. Therefore, the currently attached access control list is detached. If the object does not have an attached ACL policy, an error is displayed.

Options

object_name
Specifies the object from which the current ACL policy is being removed. The object must exist and have an ACL attached, or an error is displayed.

Examples of object names are:

  • /Management/Groups/Travel
  • /WebSEAL
  • /Management

Return codes

0
The command completed successfully.
1
The command failed. When a command fails, the pdadmin command provides a description of the error and an error status code in hexadecimal format (for example, 0x14c012f2). See "Error messages" in the IBM Knowledge Center. This reference provides a list of the Security Verify Access error messages by decimal or hexadecimal codes.

Example

The following example detaches the ACL from the protected object /Management: 
pdadmin sec_master> acl detach /Management

See also

acl attach
acl delete
acl modify