Security Considerations

Regular Add access checks do not apply to the NC-Add operation, because the parent object might not even exist in the directory. Instead, the requester must have sufficient permissions to either create a new crossRef or modify the pre-created crossRef object. Regular Add and modify permission checks apply for these operations.

No access check is performed for replicated updates.