IMetabasePolicy.ESKMode

Syntax

ESKMode: Boolean;

Description

The ESKMode property determines whether it is possible to use compatibility mode to work with domain groups in Oracle DBMS.

Comments

The property is relevant only on working in repository based on Oracle DBMS. The property is set to False by default, only users can be added from domain in the security manager. When the value is set to True, the compatibility mode will be enabled, which enables the user to add domain groups and to set up access permissions for it in a particular way. For details about granting permissions, see the Domain Authorization on Working with Oracle Server subsection.

Example

To execute the example, add a link to the Metabase system assembly.

Sub UserProc;
Var
    MB: IMetabase;
    Security: IMetabaseSecurity;
    Police: IMetabasePolicy;
    MandatoryAccess: IMetabaseMandatoryAccess;
    Category: ISecurityCategory;
    Lic: Object;
Begin
    MB := MetabaseClass.Active;
    
// Check out license to work with security manager
    Lic := MB.RequestLicense(UiLicenseFeatureType.Adm);
    Security := MB.Security;
    Police := Security.Policy;
    
// Enable compatibility mode
    Police.ESKMode := True;
    
//Enable mode of roles separation between the information security administrator and the application administrator
    Police.PromoteToIsaMode(Security.ResolveName(MB.Id + "_ISA"As IMetabaseUser);
    MandatoryAccess := Police.MandatoryAccess;
    
//Separate access by levels
    MandatoryAccess.IsSimple := True;
    Category := MandatoryAccess.Category(
0);
    Category.AddLevel(
1"Guest");
    Category.AddLevel(
2"AllAccess");
    
// Save changes
    Security.Apply;
    
// Check in license
    Lic := Null;
End Sub UserProc;

After executing the example the current repository security policy will be changed.

See also:

IMetabasePolicy