| ibm-slapdFDProxyAuthorization |
1.3.18.0.2.6.686 |
Information that is related to Virtual Directory admin users. |
Must attributes
- ibm-slapdFDProxyAdminDN
- The Bind DN for Virtual Directory Server administrator user.
- ibm-slapdFDProxyAdminPW
- The bind password for the Virtual Directory Server administrator user.
- ibm-slapdFDProxyAdminRole
- The administrative role associated with the admin user of Virtual Directory Server. A role can be Admin, Writer, or Reader.
|
| ibm-slapdFDProxyBackend |
1.3.18.0.2.6.689 |
Information that is related to loading Virtual Directory plug-in. |
Must attributes
- ibm-slapdPlugin
- A plug-in is a dynamically loaded library that extends the capabilities of the server. An
ibm-slapdPlugin attribute provides information to the server about how to load and
initialize a plug-in library. The syntax is: keyword filename init_function
[args...]. The syntax is slightly different for each platform due to library naming
conventions.
May attributes
- ibm-slapdProxyEnableDistDynamicGroups
- A switch that determines whether the proxy allows for dynamic group evaluation.
- ibm-slapdProxyEnableDistGroups
- Enables or disables the evaluation of all groups by the proxy server in a distributed directory
environment.
- ibm-slapdFDProxyEnableUniqueAttrAuth
- Specifies whether the Virtual Directory Serve must process authentications based on unique
attributes. Default value is
false.
- ibm-slapdFDProxyEnableIdentityJoin
- Specifies whether the user profiles stored in different backend servers, belonging to a user
must be joined during search on the user. Default value is false.
- ibm-slapdPagedResAllowNonAdmin
- Specifies whether the server must allow nonadministrator bind for paged results requests on a search
request. If the value that is read from the ibmslapd.conf file is TRUE, the
server processes any client request, including those requests that are submitted by a user binding
anonymously. If the value that is read from the ibmslapd.conf file is FALSE,
the server processes only this client requests submitted by a user with administrator authority. If
a client requests paged results with a criticality of TRUE or FALSE for a search operation, does not
have administrator authority, and the value that is read from the ibmslapd.conf
file for this attribute is FALSE, no search or paging operation is performed. The server returns
insufficientAccessRights return code.
- ibm-slapdPagedResLmt
- The maximum number of outstanding, paged-results, search requests that are allowed to be active simultaneously. For
example,
Range = 0. If a client requests a paged results operation, and a maximum
number of outstanding paged results are active, then the server a return code of busy. No search or
paging operation is performed.
- ibm-slapdSuffix
- Specifies the referral LDAP URL to pass back when the local suffixes do not match the request.
Used for superior referral. For example,
ibm-slapdSuffix is not within the server's
naming context.
|
| ibm-slapdFDProxyBackendServer |
1.3.18.0.2.6.688 |
Contains information for the Virtual Directory to connect to the backend server. |
Must attributes
- ibm-slapdFDProxyBackendRole
- Specifies the role of the backend server that is configured with the Virtual Directory server. A
role can be one of the following:
AuthenticationServer,
UpdateServer, or ReadServer.
- ibm-slapdProxyBindMethod
- The method that is used to bind to backend server. Must be one of the following:
Simple, Digest, or Kerberos.
- ibm-slapdProxyDn
- The DN that the proxy server uses to bind to backend server nodes.
- ibm-slapdProxyPw
- The password credentials that the proxy server uses to bind to a backend server node.
- ibm-slapdProxyTargetURL
- The URL of a backend server, which must be in the form: ldap:// or
ldaps://To indicate SSL use ldaps.
May attributes
- ibm-slapdProxyHealthCheckOlimit
- Specifies limit on the number of outstanding requests after which the Proxy Health Check can
mark a backend server as hung.
- ibm-slapdFDProxyTimeout
- Specifies the backend server connection timeout in seconds.
- ibm-slapdProxyConnectionPoolSize
- The number of connections to be maintained by the proxy server to an individual backend
server.
- ibm-slapdSslCertificate
- Specifies the label that identifies the server's
Personal Certificate in the
key database file. This label is specified when the server's private key and certificate are created
with the ikmgui application. If ibm-slapdSslCertificate is not
defined, the default private key, as defined in the key database file, is used by the LDAP server
for SSL connections.
- ibm-slapdSSLKeyDatabase
- The file path to the LDAP servers SSL key database file. This key database file handles SSL
connections from LDAP clients and creates secure SSL connections to replica LDAP servers. On
Windows, forward slashes are allowed, and a leading slash not preceded by a drive specifier (D:) is
assumed to be located at the installation directory. For example, /etc/key.kdb =
D:\Program Files\IBM\ldap\etc\key.kdb.
- ibm-slapdSSLKeyDatabasePW
- Specifies the password that is associated with the LDAP servers SSL key database file, as
specified on the ibm-slapdSslKeyDatabase parameter. If the LDAP servers key
database file has an associated password stash file, then the
ibm-slapdSslKeyDatabasePW parameter can be omitted, or set to
ibm-slapdSslKeyDatabasePW =
none. The password stash file must
be located in the same directory as the key database file and it must have the same file name as the
key database file with an extension of .sth instead of .kdb.
- ibm-slapdSslPKCS11Enabled
- Specifies whether
PKCS11 interface is enabled to do cryptographic operations
and key database file lookup from an installed crypto-device. The valid values are
True or False.
- ibm-slapdStatusInterval
- The interval between status checks.
|
| ibm-slapdFDProxyBackendServerGroup |
1.3.18.0.2.6.687 |
Information that is related to the backend server cluster or group that is
configured with Virtual Directory |
Must attributes
- ibm-slapdFDProxyBackendPriority
- The priority that is associated with the backend server or cluster of servers. Priority
1 being the highest.
- ibm-slapdFDProxyServerDN
- The DN of the backend server configuration stanza that is configured with the Federated Directory
Proxy Server.
- ibm-slapdFDProxySuffix
- The Federated Directory Proxy Server suffix that is mapped to the backend server or server
cluster suffix that is specified by the ibm-slapdFDProxyBackendSuffix
attribute.
- ibm-slapdFDProxyBackendSuffix
- Specifies the backend server or server cluster suffix. This suffix is mapped to Federated
Directory Proxy Server suffix ibm-slapdFDProxySuffix.
- ibm-slapdFDProxyAttrMap
- The map of Federeted Directory Proxy Server attribute to backend server attribute.
- Format: FDProxy attribute $ Backend attribute $ [normal |
critical | sensitive].
- ibm-slapdFDProxyBackendServerVendor
- The vendor of the backend server. One of ActiveDirectory, SecurityDirectoryServer,
SunDirectory, OpenLDAP, CustomLDAP.
May attributes
- ibm-slapdFDProxyBackendReadOnly
- Specifies whether the server or server cluster is read-only. Default value is
false.
- ibm-slapdFDProxyBackendUniqueAttr
- Specifies the unique attribute for the backend server that is configured with Federated
Directory Proxy Server.
- ibm-slapdFDProxyBackendGroupOCName
- A list of the group entity object class names that are supported by the backend server that is
configured with Federated Directory Proxy Server.
- ibm-slapdFDProxyBackendMemberAttr
- A list of the member attribute names of the group entity that is supported by the backend server that is
configured with Federated Directory Proxy Server.
- ibm-slapdFDProxyBackendPersonOCName
- A list of the person entity object class names that are supported by the backend server that is
configured with Federated Directory Proxy Server.
- ibm-slapdFDProxyBackendOrgOCName
- A list of the organizational entity object class names that are supported by the backend server that is
configured with Federated Directory Proxy Server.
|