Using the command line

Edit online

You can use the commands provided here at command line to configure the DIGEST-MD5 mechanism.

About this task

To create the cn=Digest,cn=configuration entry, enter the command: 
idsldapadd -D <adminDN> -w <adminpw> -i <filename>
where <filename> contains: 
dn: cn=Digest,cn=configuration
cn: Digest
ibm-slapdDigestRealm: <realm name>
ibm-slapdDigestAttr: <uuid>
ibm-slapdDigestAdminUser: <Adminuser>
ibm-slapdDigestEnabled: true
objectclass:top
objectclass: ibm-slapdConfigEntry
objectclass: ibm-slapdDigest
To change the settings for DIGEST-MD5, issue the following command: 
idsldapmodify -D <adminDN> -w <adminpw> -i <filename>
where <filename> contains: 
dn: cn=Digest,cn=configuration
changetype: modify
replace: ibm-slapdDigestRealm
ibm-slapdDigestRealm: <newrealmname>
-
replace: ibm-slapdDigestAttr
ibm-slapdDigestAttr: <newattribute>
-
replace: ibm-slapdDigestAdminUser
ibm-slapdDigestAdminUser: <newAdminuser>
Given below is an example of how a user can bind to the server using the Digest MD5 mechanism: 
idsldapsearch -h <ldaphost> -p ldapport -U <username> -w <password> -m DIGEST-MD5 
 -G <realm> -b o=sample cn=gw*
Note: To perform a Digest MD5 bind it is necessary to specify the -h <hostname> option. The <hostname> parameter must be the IP address or FQDN (fully qualified domain name) of that Security Verify Directory machine, even if the bind is performed from local machine. Specifying localhost or loopback IP address as value of -h may lead to error.