Use Negative Access Control Lists
You can deny a user or group specific access types using a Negative Access Control List (NACL).
cminder140
You can deny a user or group specific access types using a Negative Access Control List (NACL).
With the
Privileged Access Manager Server Control
language (selang), use the following command to deny access:auth className resourceName [gid(group-name...)] \ [uid({user-name...|*})] [deniedaccess(accessvalue)]