In most cases, the exec_attr map is created from the /etc/security/exec_attr file. A typical line looks like this:
name:policy:type:res1:res2:id:attr
For example:
Application Server Management:susuer:cmd:::/usr/bin/admin: DBA:unix-dba:cmd:::/usr/db/bin/dbadmin: dbuser:unix-dbuser:cmd:RO::/usr/sbin/db/opensql
If you create an exec_attr map in Active Directory, you must include the key as part of the value. For example:
- Key: Application Server Management
- Value: execution profile name and properties followed by attributes defined as key and value pairs for the profile:
Application Server Management:suser:cmd::: \ /usr/appserver/bin/admin:
This map is only applicable for Solaris.
Doc Feedback