Server Configuration > Access Control List Permissions > Understanding ACL Access Permissions > Using the MKS ACL to Set Administrative Permissions
 
Using the MKS ACL to Set Administrative Permissions
The mks ACL is a default server level ACL providing root level administrative control over the Integrity Lifecycle Manager server . This allows you to set administrative permissions for the server in one place; however, you can override the root level control by setting administrative permissions for the workflow and document, and configuration management components. For example, if the AdminServer permission is denied for the mks ACL, you can enable configuration management administration of the Integrity Lifecycle Manager server by allowing the AdminServer permission for the mks:si ACL.
* 
The mks ACL cannot be deleted and the ACL entries cannot be removed.
By default, the AdminServer permission is denied to the everyone group. For a complete list of the permissions associated with the mks ACL, see “Integrity Server Permissions”.
To enable the AdminServer permission using the Integrity Lifecycle Manager administration client
1. From the Integrity Lifecycle Manager administration client, expand the Permissions section, and then highlight Server. The display pane shows the permission information for the mks ACL.
2. The default ACL entry for mks is a group named everyone. Remember, ACL entries consist of principals and permissions. In this case, the assigned permission is AdminServer.
You should add a new ACL entry that gives you, or a group of administrators, access to perform administrative functions on the Integrity Lifecycle Manager server. To add a new ACL entry, highlight the Servermks ACL, and right click to choose New from the shortcut menu. The Select ACL Entries to Add dialog box displays.
3. From the Principal list, select the group or user you want to add the new ACL entry for. For example, you could choose an Admin group, provided that group exists on your system.
4. In the Permissions area, change the mks AdminServer permission by clicking the indicator box and toggling through the condition indicators until the box displays a green plus sign indicating the allowed condition.
If necessary, set additional permissions. For example, to perform administrative functions on a proxy server, allow the AdminProxy permission.