cd /var/lib/subsystem_name/conf
10. Open the CS.cfg file.
11. Edit the following lines to the indicated values:
internaldb._000=##
internaldb._001=## Internal Database
internaldb._002=##
internaldb.basedn=dc=server.example.com-instance_name
internaldb.database=server.example.com-instance_name
internaldb.maxConns=15
internaldb.minConns=3
internaldb.ldapauth.authtype=SslClientAuth
internaldb.ldapauth.bindDN=cn=Directory Manager
internaldb.ldapauth.bindPWPrompt=Internal LDAP Database
internaldb.ldapauth.clientCertNickname=user_certificate_nickname
internaldb.ldapconn.host=LDAP_host
internaldb.ldapconn.port=SSL_port
internaldb.ldapconn.secureConn=true
internaldb.multipleSuffix.enable=false
12. Start the Certificate System instance.
service subsystem_name start
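The step 11 values can be checked in CS.cfg before the instance is started in step 12. The script below is an added example, not part of the original guide or of Certificate System; `cfg_get` and `check_internaldb_ssl` are hypothetical helper names, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: check_internaldb_ssl and cfg_get are hypothetical helper names.

# Print the value of key $2 in file $1. Values may contain '=' (basedn does),
# so split on the first '=' only; the last matching line is the one reported.
cfg_get() {
    awk -v k="$2" 'index($0, k "=") == 1 {
        v = substr($0, length(k) + 2); sub(/[ \t\r]+$/, "", v)
    } END { print v }' "$1"
}

# Return 0 if the file has the SSL client authentication values from step 11.
check_internaldb_ssl() {
    cfg=$1; rc=0
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    for pair in ldapauth.authtype=SslClientAuth ldapconn.secureConn=true; do
        key=internaldb.${pair%%=*}; want=${pair#*=}
        got=$(cfg_get "$cfg" "$key")
        [ "$got" = "$want" ] || { echo "FAIL $key='$got', expected '$want'"; rc=1; }
    done
    # These must be real values, not empty or the guide's placeholder names.
    for key in ldapauth.clientCertNickname ldapconn.host ldapconn.port; do
        got=$(cfg_get "$cfg" "internaldb.$key")
        case $got in
            ''|user_certificate_nickname|LDAP_host)
                echo "FAIL internaldb.$key is unset or still a placeholder"; rc=1 ;;
        esac
    done
    # A port left as the placeholder SSL_port is caught here as non-numeric.
    case $(cfg_get "$cfg" internaldb.ldapconn.port) in
        *[!0-9]*) echo "FAIL internaldb.ldapconn.port is not a number"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample, not a real CS.cfg: the port was left as the placeholder.
sample=$(mktemp)
cat > "$sample" <<'EOF'
internaldb.ldapauth.authtype=SslClientAuth
internaldb.ldapauth.clientCertNickname=constructed-nickname
internaldb.ldapconn.host=ldap.example.com
internaldb.ldapconn.port=SSL_port
internaldb.ldapconn.secureConn=true
EOF
check_internaldb_ssl "$sample" || echo "fix CS.cfg before starting the instance"
rm -f "$sample"
```

On a real instance, pass the path to the CS.cfg file opened in step 10; the function returns 0 only when every check passes.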
13.5.3. Restricting Access to the Internal Database
The Red Hat Directory Server Console displays an entry or icon for the Directory Server instance that
the Certificate System uses as its internal database.
Unlike the Certificate System Console, in which access is restricted to users with Certificate System
administrator privileges, the Directory Server Console can be accessed by any user. The user can
open the Directory Server Console for the internal database and change the data stored there,
such as deleting users from the Certificate System administrators group or adding his own entry to the
group.
Access to the internal database can be restricted to only those users who know the Directory Manager
DN and password. This password can be changed by modifying the single sign-on password cache.
1. Log into the Directory Server Console.
2. Select the Certificate System internal database entry, and click Open.
3. Select the Configuration tab.
4. In the navigation tree, expand Plug-ins, and select Pass-Through Authentication.
5. In the right pane, deselect the Enable plugin checkbox.
6. Click Save.
The server prompts for a restart.
7. Click the Tasks tab, and click Restart the Directory Server.