Also – what do you mean by ‘take effect’ ? can you see the server object after applying the acls w/ the new role? or is it just live browse that doesn’t work?
I have created a acl policy that contain server.read and server.browse and applied on a particular server.
Everything worked fine but when i modified the acl policy by removing the server.browse and server.read , i did not find any changes to the server.
I am still able to browse the server.
But according to the documents it states that any changes to the acl policy reflected without replying the policy to the object(here the server).
This concept works fine for other authorizations like server.startservice, server.modify .
but i am unable to understand why it does not behave as expected in case of server.read and server.browse ?
What do you mean by browse the server? through the gui ?
What other permissions are on the server – either via the aclp or directly associated w/ the object?
I have applied a acl policy on a server that contain the following authorizations.
After that i removed the server.browse from the acl policy and noticed that still i am able to browse the browse.
Just for testing purpose i created another acl policy wih the following authorizations.
By appling this i am able to start and stop the services of the server. when i removed server.stopservice from the acl policy , the stop option is disabled and i am unable to stop any of the services (without reappling the acl policy to the server the changes are reflecting but in the previous case i have to reapply the policy on the server to reflect the changes made to the policy)
So i am suprised why in case of server.browse and server.read the acl policy is not reflecting the changes its reflection when we change the policy ?