<authorization> <action>...</action> <object> <orgRef oid="1f82e908-0072-11e4-9532-001e8c717e5b"/> </object> </authorization>
Org Reference Clause
Selects objects that are members of a specific Org.
In the following case it only applies to members of Org identified by OID
Listing 1. Authorization applicable to objects in Org identified by OID
This is good for delegated administration to fixed organizational subtrees.
The organization object itself (
The membership is understood transitively, i.e., the objects selected are all objects that are in the subtree rooted at given Org, not just the direct children.
Also, only effective membership is taken into account: disabled or invalid assignments are ignored.
Was this page helpful?
Thanks for your feedback