[delegated-admin] stanza

The Security Verify Access configuration can require the user is authorized to view each group that is returned in the group list. Or, the user can be authorized to return the list without authorizing first.

For delegated administration, use one type of interface throughout the entire process for optimal results. Use the Web Portal Manager or pdadmin utility. This stanza relates only to the pdadmin utility. The stanza entries for turning on or off the setting for authorization checks for the delegated management of groups and users are in the [delegated-admin] stanza of the following configuration file:

• The ivmgrd.conf configuration file for the policy server

• authorize-group-list
  Whether authorization checks on the group list and group list-dn commands are made.

Parent topic: Configuration file stanza reference