Configuring Multiple Ldap Servers For Failover - Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual

Hide thumbs Also See for SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010:

Reference manual (232 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

Table of Contents

LdapLogin {

com.sun.security.auth.module.LdapLoginModule required

userProvider="ldap://137.65.151.12:636/DC=Test-

AD,DC=provo,DC=novell,DC=com"

authIdentity="{USERNAME}@Test-AD.provo.novell.com"

userFilter="(&(sAMAccountName={USERNAME})(objectclass=user))"

useSSL=true;

};

4 Restart the Sentinel service:

/etc/init.d/sentinel stop

/etc/init.d/sentinel start

You have successfully configured the Sentinel 6.1 server for LDAP authentication, and now you can

create Sentinel LDAP user accounts in the Sentinel Control Center. For more information on

creating LDAP user accounts, see

User Guide.

NOTE: To modify an existing LDAP configuration, run the

specify the new values for the parameters.

3.10.2 Configuring Multiple LDAP Servers for Failover

You can configure multiple LDAP servers for failover only on Windows and Linux platforms.

To configure one or more LDAP servers as failover servers for LDAP authentication:

1 Log in to the Sentinel server as

2 Stop the Sentinel service.

/etc/init.d/sentinel stop

3 Change to the

cd <Install_Directory>/config

4 Open the

vi auth.login

5 Update the

each URL by a blank space.

For example:

userProvider="ldap://ldap-url1 ldap://ldap-url2"

NOTE: For Active Directory, ensure that the subtree in the LDAP URL is not blank.

For more information on specifying multiple LDAP URLs, see the description of the

userProvider

security/jaas/spec/com/sun/security/auth/module/LdapLoginModule.html).

6 Save the changes.

7 Export the certificate of each failover LDAP server and copy the certificate file to the

<Install_Directory>/config

For more information, see

Authentication" on page

Sentinel 6.1 Installation Guide

"Creating an LDAP User Account for

esecadm

<Install_Directory>/config

file for editing.

auth.login

in the LdapLogin section to specify multiple LDAP URLs. Separate

userProvider

option in

Class LdapLogin Module (http://java.sun.com/javase/6/docs/jre/api/

directory on the Sentinel 6.1 server.

Step 1

in section

62.

ldap_auth_config

directory:

"Configuring the Sentinel 6.1 Server for LDAP

Sentinel" in the Sentinel 6.1

script again and

Table of Contents

This manual is also suitable for:

Sentinel 6.1 sp2

Configuring Multiple Ldap Servers For Failover - Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010 Installation Manual

3.10.2 Configuring Multiple LDAP Servers for Failover

Related Manuals for Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010

Related Content for Novell SENTINEL 6.1 SP2 - INSTALLATION GUIDE 02-2010

This manual is also suitable for:

Table of Contents