erSeparationOfDutyRule
The erSeparationOfDutyRule1 class
stores separation of duty policy rule-specific attributes. The parent
class is top.
| Attribute name | Description | Type |
|---|---|---|
cn |
Name of the separation of duty policy rule (required). | directory string |
erCardinality |
Number of roles allowed. | |
erRoles |
Multivalue attribute pointing to the
DNs of
the roles that are involved in this separation of duty policy rule.
This attribute is the expanded hierarchy of roles that relate to the erAffectedRoles attribute
of this entry. |
distinguished name |
erAffectedRoles |
Multivalue attribute pointing to the DNs of the roles that are explicitly defined in this separation of duty policy rule. | distinguished name |
erURI3 |
The universal resource identifier. | directory string |
1 Indicates the class was added in release 5.1.
3 Indicates the attribute is added in IBM Verify Identity Governance 6.0.