Delete extended attribute values from an ACL policy with pdadmin

We can delete extended attribute values from an ACL policy only with the pdadmin utility.

Steps

1. Log on to the domain as the domain administrator.
2. Use the acl modify command with the delete attribute attribute_name attribute_value options.

Example

For example, to delete the value 445 from the extended attributed named Dept_No from the ACL named Test-ACL:

pdadmin sec_master> acl modify Test-ACL delete attribute Dept_No 445

Only the attribute value is deleted.

See the IBM Security Verify Access for Web: Command Reference.

Parent topic: Manage extended attributes in ACL policies