Subject: svn commit: r1465195 - in /directory/site/trunk/content/apacheds: ./ advanced-ug/
Date: Sat, 06 Apr 2013 05:52:52 -0000
To: commits@directory.apache.org
From: elecharny@apache.org

Author: elecharny
Date: Sat Apr 6 05:52:52 2013
New Revision: 1465195

URL: http://svn.apache.org/r1465195

Log:
Removed the SASL Anonymous page, we don't support SASL ANONYMOUS bind

Added:
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2.1-sasl-plain-text-authn.mdtext
      - copied, changed from r1465058, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-plain-text-authn.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-gssapi-authn.mdtext
      - copied, changed from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.3-sasl-gssapi-authn.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-digest-md5-authn.mdtext
      - copied, changed from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-digest-md5-authn.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-external-authn.mdtext
      - copied, changed from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-external-authn.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-ntlm-authn.mdtext
      - copied, changed from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.7-sasl-ntlm-authn.mdtext
Modified:
    directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-cram-md5-authn.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.mdtext
    directory/site/trunk/content/apacheds/advanced-ug/advanced-user-guide.mdtext

Modified: directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext
URL:
http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext?rev=1465195&r1=1465194&r2=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1-authentication.mdtext Sat Apr 6 05:52:52 2013 
@@ -31,13 +31,12 @@ Notice: Licensed to the Apache Software * [4.1.1.2 - Name/Password Authentication](4.1.1.2-name-password-authn.html) * [4.1.1.3 - Unauthenticated Authentication](4.1.1.3-unauthenticated-authn.html) * [4.1.2 - SASL authentication](4.1.2-sasl-authn.html) - * [4.1.2.1 - SASL anonymous Authentication](4.1.2.1-sasl-anonymous-authn.html) - * [4.1.2.2 - SASL plain text Authentication](4.1.2.2-sasl-plain-text-authn.html) - * [4.1.2.3 - SASL GSSAPI Authentication](4.1.2.3-sasl-gssapi-authn.html) - * [4.1.2.4 - SASL CRAM-MD5 Authentication](4.1.2.4-sasl-cram-md5-authn.html) - * [4.1.2.5 - SASL DIGEST-MD5 Authentication](4.1.2.5-sasl-digest-md5-authn.html) - * [4.1.2.6 - SASL EXTERNAL Authentication](4.1.2.6-sasl-external-authn.html) - * [4.1.2.7 - SASL NTLM Authentication](4.1.2.7-sasl-ntlm-authn.html) + * [4.1.2.1 - SASL plain text Authentication](4.1.2.1-sasl-plain-text-authn.html) + * [4.1.2.2 - SASL GSSAPI Authentication](4.1.2.2-sasl-gssapi-authn.html) + * [4.1.2.3 - SASL CRAM-MD5 Authentication](4.1.2.3-sasl-cram-md5-authn.html) + * [4.1.2.4 - SASL DIGEST-MD5 Authentication](4.1.2.4-sasl-digest-md5-authn.html) + * [4.1.2.5 - SASL EXTERNAL Authentication](4.1.2.5-sasl-external-authn.html) + * [4.1.2.6 - SASL NTLM Authentication](4.1.2.6-sasl-ntlm-authn.html) * [4.1.3 - Kerberos authentication](4.1.3-kerberos-authn.html) * [4.1.4 - Client authentication through certificates](4.1.4-certificate-authn.html) Modified: directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext?rev=1465195&r1=1465194&r2=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2-sasl-authn.mdtext Sat Apr 6 05:52:52 2013 
@@ -30,13 +30,12 @@ It extends the Simple authentication, by The **SASL* Authentication is used when a simple user/password authentication is not enough. Many other systems exist, and may take many parameters to authenticate a user. With **SASL**, a challenge/response system is used to get the needed information from the client, up to the point the authentication is either successful or fails. -## Content +## Chapter content -* [4.1.2.1 - SASL anonymous Authentication](4.1.2.1-sasl-anonymous-authn.html) -* [4.1.2.2 - SASL plain text Authentication](4.1.2.2-sasl-plain-text-authn.html) -* [4.1.2.3 - SASL GSSAPI Authentication](4.1.2.3-sasl-gssapi-authn.html) -* [4.1.2.4 - SASL CRAM-MD5 Authentication](4.1.2.4-sasl-cram-md5-authn.html) -* [4.1.2.5 - SASL DIGEST-MD5 Authentication](4.1.2.5-sasl-digest-md5-authn.html) -* [4.1.2.6 - SASL EXTERNAL Authentication](4.1.2.6-sasl-external-authn.html) -* [4.1.2.7 - SASL NTLM Authentication](4.1.2.7-sasl-ntlm-authn.html) +* [4.1.2.1 - SASL plain text Authentication](4.1.2.1-sasl-plain-text-authn.html) +* [4.1.2.2 - SASL GSSAPI Authentication](4.1.2.2-sasl-gssapi-authn.html) +* [4.1.2.3 - SASL CRAM-MD5 Authentication](4.1.2.3-sasl-cram-md5-authn.html) +* [4.1.2.4 - SASL DIGEST-MD5 Authentication](4.1.2.4-sasl-digest-md5-authn.html) +* [4.1.2.5 - SASL EXTERNAL Authentication](4.1.2.5-sasl-external-authn.html) +* [4.1.2.6 - SASL NTLM Authentication](4.1.2.6-sasl-ntlm-authn.html) Copied: directory/site/trunk/content/apacheds/advanced-ug/4.1.2.1-sasl-plain-text-authn.mdtext (from r1465058, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-plain-text-authn.mdtext) URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2.1-sasl-plain-text-authn.mdtext?p2=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.1-sasl-plain-text-authn.mdtext&p1=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-plain-text-authn.mdtext&r1=1465058&r2=1465195&rev=1465195&view=diff 
============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-plain-text-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2.1-sasl-plain-text-authn.mdtext Sat Apr 6 05:52:52 2013 @@ -1,10 +1,10 @@ -Title: 4.1.2.2 SASL PLAIN Authentication -NavPrev: 4.1.2.1-sasl-anonymous-authn.html -NavPrevText: 4.1.2.1 - SASL anonymous Authentication +Title: 4.1.2.1 SASL PLAIN Authentication +NavPrev: 4.1.2-sasl-authn.html +NavPrevText: 4.1.2 - SASL Authentication NavUp: 4.1.2-sasl-authn.html NavUpText: 4.1.2 - SASL Authentication -NavNext: 4.1.2.3-sasl-gssapi-authn.html -NavNextText: 4.1.2.3 - SASL GSSAPI Authentication +NavNext: 4.1.2.2-sasl-gssapi-authn.html +NavNextText: 4.1.2.2 - SASL GSSAPI Authentication Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information 
@@ -22,7 +22,7 @@ Notice: Licensed to the Apache Software specific language governing permissions and limitations under the License. -# 4.1.2.2 SASL PLAIN Authentication +# 4.1.2.1 SASL PLAIN Authentication The **SASL PLAIN** authentication is most certainly useless, as one can already authenticate using the **Simple Bind**. However, it's still possible to issue a **SASL PLAIN** authentication on _ApacheDS_. Copied: directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-gssapi-authn.mdtext (from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.3-sasl-gssapi-authn.mdtext) URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-gssapi-authn.mdtext?p2=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-gssapi-authn.mdtext&p1=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.3-sasl-gssapi-authn.mdtext&r1=1464971&r2=1465195&rev=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2.3-sasl-gssapi-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2.2-sasl-gssapi-authn.mdtext Sat Apr 6 05:52:52 2013 @@ -1,10 +1,10 @@ -Title: 4.1.2.3 - SASL GSSAPI Authentication -NavPrev: 4.1.2.2-sasl-plain-text-authn.html -NavPrevText: 4.1.2.2 - SASL plain text Authentication +Title: 4.1.2.2 - SASL GSSAPI Authentication +NavPrev: 4.1.2.1-sasl-plain-text-authn.html +NavPrevText: 4.1.2.1 - SASL plain text Authentication NavUp: 4.1.2-sasl-authn.html NavUpText: 4.1.2 - SASL Authentication -NavNext: 4.1.2.4-sasl-cram-md5-authn.html -NavNextText: 4.1.2.4 - SASL CRAM-MD5 Authentication +NavNext: 4.1.2.3-sasl-cram-md5-authn.html +NavNextText: 4.1.2.3 - SASL CRAM-MD5 Authentication Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information 
@@ -22,4 +22,4 @@ Notice: Licensed to the Apache Software specific language governing permissions and limitations under the License. -# 4.1.2.3 - SASL GSSAPI Authentication +# 4.1.2.2 - SASL GSSAPI Authentication Modified: directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-cram-md5-authn.mdtext URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-cram-md5-authn.mdtext?rev=1465195&r1=1465194&r2=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-cram-md5-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-cram-md5-authn.mdtext Sat Apr 6 05:52:52 2013 
@@ -1,10 +1,10 @@ -Title: 4.1.2.4 - SASL CRAM-MD5 Authentication -NavPrev: 4.1.2.3-sasl-gssapi-authn.html -NavPrevText: 4.1.2.3 - SASL GSSAPI Authentication +Title: 4.1.2.3 - SASL CRAM-MD5 Authentication +NavPrev: 4.1.2.2-sasl-gssapi-authn.html +NavPrevText: 4.1.2.2 - SASL GSSAPI Authentication NavUp: 4.1.2-sasl-authn.html NavUpText: 4.1.2 - SASL Authentication -NavNext: 4.1.2.5-sasl-digest-md5-authn.html -NavNextText: 4.1.2.5 - SASL DIGEST-MD5 Authentication +NavNext: 4.1.2.4-sasl-digest-md5-authn.html +NavNextText: 4.1.2.4 - SASL DIGEST-MD5 Authentication Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information Copied: directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-digest-md5-authn.mdtext (from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-digest-md5-authn.mdtext) URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-digest-md5-authn.mdtext?p2=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-digest-md5-authn.mdtext&p1=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-digest-md5-authn.mdtext&r1=1464971&r2=1465195&rev=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-digest-md5-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2.4-sasl-digest-md5-authn.mdtext Sat Apr 6 05:52:52 2013 
@@ -1,10 +1,10 @@ -Title: 4.1.2.5 - SASL DIGEST-MD5 Authentication -NavPrev: 4.1.2.4-sasl-cram-md5-authn.html -NavPrevText: 4.1.2.4 - SASL CRAM-MD5 Authentication +Title: 4.1.2.4 - SASL DIGEST-MD5 Authentication +NavPrev: 4.1.2.3-sasl-cram-md5-authn.html +NavPrevText: 4.1.2.3 - SASL CRAM-MD5 Authentication NavUp: 4.1.2-sasl-authn.html NavUpText: 4.1.2 - SASL Authentication -NavNext: 4.1.2.6-sasl-external-authn.html -NavNextText: 4.1.2.6 - SASL EXTERNAL Authentication +NavNext: 4.1.2.5-sasl-external-authn.html +NavNextText: 4.1.2.5 - SASL EXTERNAL Authentication Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information @@ -22,4 +22,4 @@ Notice: Licensed to the Apache Software specific language governing permissions and limitations under the License. -# 4.1.2.5 - SASL DIGEST-MD5 Authentication +# 4.1.2.4 - SASL DIGEST-MD5 Authentication Copied: directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-external-authn.mdtext (from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-external-authn.mdtext) URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-external-authn.mdtext?p2=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-external-authn.mdtext&p1=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-external-authn.mdtext&r1=1464971&r2=1465195&rev=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-external-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2.5-sasl-external-authn.mdtext Sat Apr 6 05:52:52 2013 
@@ -1,10 +1,10 @@ -Title: 4.1.2.6 - SASL EXTERNAL Authentication -NavPrev: 4.1.2.5-sasl-digest-md5-authn.html -NavPrevText: 4.1.2.5 - SASL DIGEST-MD5 Authentication +Title: 4.1.2.5 - SASL EXTERNAL Authentication +NavPrev: 4.1.2.4-sasl-digest-md5-authn.html +NavPrevText: 4.1.2.4 - SASL DIGEST-MD5 Authentication NavUp: 4.1.2-sasl-authn.html NavUpText: 4.1.2 - SASL Authentication -NavNext: 4.1.2.7-sasl-ntlm-authn.html -NavNextText: 4.1.2.7 - SASL NTLM Authentication +NavNext: 4.1.2.6-sasl-ntlm-authn.html +NavNextText: 4.1.2.6 - SASL NTLM Authentication Notice: Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information @@ -22,4 +22,4 @@ Notice: Licensed to the Apache Software specific language governing permissions and limitations under the License. -# 4.1.2.6 - SASL EXTERNAL Authentication +# 4.1.2.5 - SASL EXTERNAL Authentication Copied: directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-ntlm-authn.mdtext (from r1464971, directory/site/trunk/content/apacheds/advanced-ug/4.1.2.7-sasl-ntlm-authn.mdtext) URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-ntlm-authn.mdtext?p2=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-ntlm-authn.mdtext&p1=directory/site/trunk/content/apacheds/advanced-ug/4.1.2.7-sasl-ntlm-authn.mdtext&r1=1464971&r2=1465195&rev=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.1.2.7-sasl-ntlm-authn.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.1.2.6-sasl-ntlm-authn.mdtext Sat Apr 6 05:52:52 2013 
@@ -1,5 +1,5 @@ -Title: 4.1.2.7 - SASL NTLM Authentication -NavPrev: 4.1.2.6-sasl-external-authn.html +Title: 4.1.2.6 - SASL NTLM Authentication +NavPrev: 4.1.2.5-sasl-external-authn.html NavPrevText: 4.1.2.6 - SASL EXTERNAL Authentication NavUp: 4.1.2-sasl-authn.html NavUpText: 4.1.2 - SASL Authentication @@ -23,4 +23,4 @@ Notice: Licensed to the Apache Software specific language governing permissions and limitations under the License. -# 4.1.2.7 - SASL NTLM Authentication +# 4.1.2.6 - SASL NTLM Authentication Modified: directory/site/trunk/content/apacheds/advanced-ug/4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.mdtext URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-ug/4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.mdtext?rev=1465195&r1=1465194&r2=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-ug/4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-ug/4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.mdtext Sat Apr 6 05:52:52 2013 
@@ -21,42 +21,27 @@ Notice: Licensed to the Apache Software KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -{scrollbar} -In this trail, we will show how we will allow all authenticated users to -browse and read all the entries. +In this trail, we will show how we will allow all authenticated users to browse and read all the entries. -By default, if the access control subsystem is enabled, no one but the -administrator can browse the DIT. This is obviously not convenient ... +By default, if the access control subsystem is enabled, no one but the administrator can browse the DIT. This is obviously not convenient ... - # Partition and Access Control Area Setup -For this example we presume you have setup a partition at the namingContext -*dc=example,dc=com* and have turned on access controls. Now you want to -grant browse and read access to entries and their attributes. - -Before you can add a *subentry* with the *prescriptiveACI* you'll need to -create an *administrative area*. For now we'll make the root of the -partition the *Adminstrative Point* (*AP*). Every entry including this -entry and those underneath will be part of the autonomous administrative -area for managing access controls. To do this we must add the -*administrativeRole* operational attribute to the *AP* entry. +For this example we presume you have setup a partition at the namingContext **dc=example,dc=com** and have turned on access controls. Now you want to grant browse and read access to entries and their attributes. + +Before you can add a **subentry** with the **prescriptiveACI** you'll need to create an **administrative area**. For now we'll make the root of the partition the **Administrative Point** (**AP**). Every entry including this entry and those underneath will be part of the autonomous administrative area for managing access controls. 
To do this we must add the **administrativeRole** operational attribute to the **AP** entry. - ## AdministrationPoint setup -In our case, the *dc=example,dc=com* context entry has to contain the -*administrativeRole* attribute, with the *accessControlSpecificArea* value. +In our case, the **dc=example,dc=com** context entry has to contain the **administrativeRole** attribute, with the **accessControlSpecificArea** value. -Let's first connect to the server using the *admin* user, and select the -*dc=example,dc=com* entry : +Let's first connect to the server using the **admin** user, and select the **dc=example,dc=com** entry : !Screen shot 2010-07-04 at 8.45.09 PM.png|border=1! -We will now add the *directoryOperation* attribute *administrativeRole* to -this entry : +We will now add the **directoryOperation** attribute **administrativeRole** to this entry : !Screen shot 2010-07-04 at 10.17.54 PM.png|border=1! 
@@ -68,37 +53,33 @@ Here is the resulting entry : !Screen shot 2010-07-04 at 10.19.44 PM.png|border=1! - ## Subentry addition -Now, we have to create a *subentry* in which we will add the -*prescriptiveACI* granting access to all the users. +Now, we have to create a *subentry* in which we will add the **prescriptiveACI** granting access to all the users. Let's define the ACI first. - ### ACIItem Description Here's the ACIItem we will add : -{newcode} -{ - identificationTag "enableSearchForAllUsers", - precedence 14, - authenticationLevel simple, - itemOrUserFirst userFirst: - { - userClasses { allUsers }, - userPermissions + :::Java { - { - protectedItems {entry, allUserAttributeTypesAndValues}, - grantsAndDenials { grantRead, grantReturnDN, grantBrowse } - } - } - } -} -{newcode} + identificationTag "enableSearchForAllUsers", + precedence 14, + authenticationLevel simple, + itemOrUserFirst userFirst: + { + userClasses { allUsers }, + userPermissions + { + { + protectedItems {entry, allUserAttributeTypesAndValues}, + grantsAndDenials { grantRead, grantReturnDN, grantBrowse } + } + } + } + } There are several parameters to this simple ACIItem. Here's a breif exaplanation of each field and it's meaning or significance. @@ -117,21 +98,18 @@ permissions. In our case, we want to grant all the users : -{newcode:firstline=7} - userClasses { allUsers } -{newcode} + :::Java + userClasses { allUsers } to be granted a read access : -{newcode:firstline=12} - grantsAndDenials { grantRead, grantReturnDN, grantBrowse } -{newcode} + :::Java + grantsAndDenials { grantRead, grantReturnDN, grantBrowse } for the Entry and all the values : -{newcode:firstline=11} - protectedItems {entry, allUserAttributeTypesAndValues}, -{newcode} + :::Java + protectedItems {entry, allUserAttributeTypesAndValues}, The granted permissions are used to allow the user to browse the tree (*grantBrowse*), read the entries (*grantRead*) and return the DN for 
@@ -147,30 +125,29 @@ dc=example,dc=com*. The entry is described below in a LDIF format : -{newcode} -dn: cn=enableSearchForAllUsers,dc=example,dc=com -objectClass: top -objectClass: subentry -objectClass: accessControlSubentry -subtreeSpecification: {} -prescriptiveACI: - { - identificationTag "enableSearchForAllUsers", - precedence 14, - authenticationLevel simple, - itemOrUserFirst userFirst: - { - userClasses { allUsers }, - userPermissions - { - { - protectedItems {entry, allUserAttributeTypesAndValues} - grantsAndDenials { grantRead, grantReturnDN, grantBrowse } - } - } - } - } -{newcode} + :::Java + dn: cn=enableSearchForAllUsers,dc=example,dc=com + objectClass: top + objectClass: subentry + objectClass: accessControlSubentry + subtreeSpecification: {} + prescriptiveACI: + { + identificationTag "enableSearchForAllUsers", + precedence 14, + authenticationLevel simple, + itemOrUserFirst userFirst: + { + userClasses { allUsers }, + userPermissions + { + { + protectedItems {entry, allUserAttributeTypesAndValues} + grantsAndDenials { grantRead, grantReturnDN, grantBrowse } + } + } + } + } It's also easy to create such an entry with *Apache Directory Studio*. First, right click on the context entry, and select 'new Entry' : Modified: directory/site/trunk/content/apacheds/advanced-user-guide.mdtext URL: http://svn.apache.org/viewvc/directory/site/trunk/content/apacheds/advanced-user-guide.mdtext?rev=1465195&r1=1465194&r2=1465195&view=diff ============================================================================== --- directory/site/trunk/content/apacheds/advanced-user-guide.mdtext (original) +++ directory/site/trunk/content/apacheds/advanced-user-guide.mdtext Sat Apr 6 05:52:52 2013 
@@ -42,12 +42,12 @@ This guide get you a deep further into A * [4.1.1.2 - Name/Password Authentication](advanced-ug/4.1.1.2-name-password-authn.html) * [4.1.1.2 - Unauthenticated Authentication](advanced-ug/4.1.1.2-unauthenticated-authn.html) * [4.1.2 - SASL authentication](advanced-ug/4.1.2-sasl-authn.html) - * [4.1.2.1 - SASL anonymous Authentication](advanced-ug/4.1.2.1-sasl-anonymous-authn.html) - * [4.1.2.2 - SASL plain text Authentication](advanced-ug/4.1.2.2-sasl-plain-text-authn.html) - * [4.1.2.3 - SASL GSSAPI Authentication](advanced-ug/4.1.2.3-sasl-gssapi-authn.html) - * [4.1.2.4 - SASL CRAM-MD5 Authentication](advanced-ug/4.1.2.4-sasl-cram-md5-authn.html) - * [4.1.2.5 - SASL DIGEST-MD5 Authentication](advanced-ug/4.1.2.5-sasl-digest-md5-authn.html) - * [4.1.2.6 - SASL EXTERNAL Authentication](advanced-ug/4.1.2.6-sasl-external-authn.html) + * [4.1.2.1 - SASL plain text Authentication](advanced-ug/4.1.2.1-sasl-plain-text-authn.html) + * [4.1.2.2 - SASL GSSAPI Authentication](advanced-ug/4.1.2.2-sasl-gssapi-authn.html) + * [4.1.2.3 - SASL CRAM-MD5 Authentication](advanced-ug/4.1.2.3-sasl-cram-md5-authn.html) + * [4.1.2.4 - SASL DIGEST-MD5 Authentication](advanced-ug/4.1.2.4-sasl-digest-md5-authn.html) + * [4.1.2.5 - SASL EXTERNAL Authentication](advanced-ug/4.1.2.5-sasl-external-authn.html) + * [4.1.2.6 - SASL NTLM Authentication](advanced-ug/4.1.2.6-sasl-ntlm-authn.html) * [4.1.3 - Kerberos authentication](advanced-ug/4.1.3-kerberos-authn.html) * [4.1.4 - Client authentication through certificates](advanced-ug/4.1.4-certificate-authn.html) * [4.2 - Authorization](advanced-ug/4.2-authorization.html)
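Review bot: In 4.1.2.4-sasl-cram-md5-authn.mdtext the Title line is renumbered to 4.1.2.3, but the file is only listed under Modified and keeps its 4.1.2.4- name, while both tables of contents, the GSSAPI page's NavNext and the DIGEST-MD5 page's NavPrev now point at 4.1.2.3-sasl-cram-md5-authn.html. No file with that name appears in the Added list, so those links look unresolvable after this revision; copy the page to 4.1.2.3-sasl-cram-md5-authn.mdtext like its siblings. This file also shows only the header hunk, with no second hunk for the `#` heading that the other pages update, so check that the heading matches the new Title.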
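Review bot: In the first hunk of 4.1.2.6-sasl-ntlm-authn.mdtext, NavPrev is updated to 4.1.2.5-sasl-external-authn.html but the unchanged line right after it still reads "NavPrevText: 4.1.2.6 - SASL EXTERNAL Authentication". The link label will show the old section number; change it to "4.1.2.5 - SASL EXTERNAL Authentication" to match the EXTERNAL page's new Title.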
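Review bot: In the 4.1.2-sasl-authn.mdtext hunk, the context paragraph just above the renamed "Chapter content" heading opens with "The **SASL* Authentication", where the bold marker is closed with a single asterisk. Since this section is being edited anyway, fix it to "**SASL**" so the emphasis renders like the second mention in the same paragraph.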
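Review bot: In the first hunk of 4.5.7.1-enable-authenticated-users-to-browse-and-read-entries.mdtext, the screenshot references such as "!Screen shot 2010-07-04 at 8.45.09 PM.png|border=1!" are left in the old wiki syntax while the surrounding text is converted to Markdown and the {scrollbar} macro is dropped. Convert them to Markdown image links or remove them if the images are not in the site tree. This page's reformatting is also unrelated to the log message about the SASL ANONYMOUS page and would be easier to track as its own commit.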
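Review bot: In the "ACIItem Description" hunk (@@ -68,37 +53,33 @@) of the 4.5.7.1 page, the ACIItem block is tagged ":::Java" although it is an ACIItem value, not Java, so any highlighting applied from that hint will be misleading; the same hint is reused for the fragments and the LDIF in the later hunks. Use a neutral or text hint if the site supports one. In the same hunk the added line keeps "*subentry*" with single asterisks next to "**prescriptiveACI**", and the context line "Here's a breif exaplanation of each field and it's meaning" carries three typos worth fixing in this pass.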
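Review bot: In the LDIF hunk (@@ -147,30 +125,29 @@) of the 4.5.7.1 page, the line "protectedItems {entry, allUserAttributeTypesAndValues}" has no trailing comma before "grantsAndDenials", whereas the same ACIItem in the "ACIItem Description" hunk has one. The omission is carried over unchanged from the removed lines; add the comma so that a reader who copies the LDIF gets the same ACIItem the page describes.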
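Review bot: In the advanced-user-guide.mdtext hunk, the two context lines at the top both carry the number 4.1.1.2, and the second one links "Unauthenticated Authentication" to advanced-ug/4.1.1.2-unauthenticated-authn.html, while 4.1-authentication.mdtext in this same commit lists that page as 4.1.1.3 with the file 4.1.1.3-unauthenticated-authn.html. Since the neighbouring entries are being renumbered here, align this entry's number and link with the 4.1 index as well.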