acUseridCommandImpact 1.3.6.1.4.1.562.2.4.1.18.2.10.1.4

This attribute indicates the command impact assigned to the userid. The impact determines the importance of the commands which the userid will be allowed to execute. Impact has five levels: 1) Debug impact implies the userid can issue all debugging commands. Debug is the highest impact level. 2) System Administration impact implies the userid can issue provisioning commands on security components. This means the userid can Add, Delete, Display, or Set the Userid and IpAccess subcomponents of AccessControl. 3) Configuration impact implies the userid can issue provisioning commands to alter the provisioned configuration of the Passport module, such as Start Prov, Add, Delete, and Set. 4) Service impact implies the userid can issue operational commands which may affect the service of running components, such as Lock and Unlock. 5) Passive impact implies the userid can only issue query commands which display unrestricted information but otherwise do not affect the operation or configuration of the Passport module. Commands such as List and Display. Passive is the lowest impact level. Note that impact is hierarchical: A userid provisioned with debug impact can also issue all other commands at lower impact levels.