Red Hat DIRECTORY SERVER 7.1 - GATEWAY CUSTOMIZATION Manual

Gateway Customization Guide
Red Hat Directory Server
Version 7.1
April 2005

Summary of Contents for Red Hat DIRECTORY SERVER 7.1 - GATEWAY CUSTOMIZATION

  • Page 1 Gateway Customization Guide Red Hat Directory Server Version 7.1 April 2005...
  • Page 2 All other trademarks referenced herein are the property of their respective owners. The GPG fingerprint of the security@redhat.com key is: CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E...
  • Page 3: Table Of Contents

    Contents List of Tables (13); List of Figures
  • Page 4 Chapter 2 Setting Up the Gateway (29); Gateway Installation Planning
  • Page 5 Setting Up Locales for Translation (46); dsgw-l10n.conf
  • Page 6 Modifying Search Attributes for Advanced Searches (69); Standard and Advanced Searches
  • Page 7 Format (93); Example
  • Page 8 Example (101); securitypath
  • Page 9 Arguments (115); DS_POSTEDVALUE
  • Page 10 Arguments for ELSE and ENDIF (121); Examples
  • Page 11 domodify (128); newentry
  • Page 12 Red Hat Directory Server Gateway Customization Guide • April 2005...
  • Page 13: Preface

    Preface The descriptions, instructions, and examples in this guide can be used to create and modify a gateway instance to suit the needs of users in your organization. The preface contains the following sections: • Prerequisite Reading (page 17) • Conventions Used in This Book (page 18) •...
  • Page 14: Conventions Used In This Book

    For example, if you gave the server an identifier of phonebook, then the actual path would look like this: /usr/redhat/servers/slapd-phonebook/. . . • All paths specified in this manual are in UNIX format. If you are using a Windows-based Directory Server, you should assume the equivalent file paths whenever UNIX file paths are shown in this book.
  • Page 15 Server DSML Gateway function and explains how to customize it for use as an independent gateway. For a list of documentation installed with Directory Server, open the serverRoot/manual/en/slapd/index.htm file. For the latest information about Directory Server, including current release notes, complete product documentation, technical notes, and deployment information, check this site: http://www.redhat.com/docs/manuals/dir-server/
  • Page 16 Related Information
  • Page 17: Chapter 1 Introduction

    Chapter 1 Introduction This chapter describes the gateway functionality of Red Hat Directory Server (Directory Server). The chapter contains the following sections: • What Is a Gateway? (page 21) • Directory Express and Default Gateway (page 23) • Support for Multiple Gateway Instances (page 25) •...
  • Page 18: Gateways Installed With Directory Server

    What Is a Gateway? Gateways Installed with Directory Server Two gateway instances are installed during Directory Server installation: the default gateway and Directory Express. Both gateways are configured to use the suffix set when the Directory Server was configured and non-SSL (Secure Socket Layer) communications.
  • Page 19: Directory Express

    Directory Express and Default Gateway Directory Express The configuration file for Directory Express is serverRoot/clients/dsgw/context/pb.conf. During Directory Server installation, Directory Express is configured to use the Red Hat Administration Server installed with the directory as its HTTP server. Following Directory Server installation, Directory Express can be accessed from http://adminHost:adminPort/ or directly using this URL: adminHost...
  • Page 20 Directory Express and Default Gateway Figure 1-1 Directory Express: Search Result Figure 1-2 Directory Express: Extended Search Results
  • Page 21: Default Gateway (Dsgw.conf)

    Support for Multiple Gateway Instances Default Gateway (dsgw.conf) In addition to the standard search form, the default gateway provides an advanced search form, a Directory Server authentication form, and a form for adding and modifying entries. Figure 1-3 Default Gateway Support for Multiple Gateway Instances Directory Server supports multiple gateway instances —...
  • Page 22: Specifying Gateway Configuration To Gateway Cgis

    Support for Multiple Gateway Instances Specifying Gateway Configuration to Gateway CGIs Information about which .conf file to use is communicated using the QUERY STRING and through a hidden variable on a POST. GET Operations (GCONTEXT) In a GET operation, gateway CGIs get the gateway context from the QUERY STRING in the URL.
  • Page 23: Anonymous And Non-Anonymous Searching

    Anonymous and Non-Anonymous Searching http://adminHost:adminPort/clients/dsgw/bin/lang?context=<context> The default gateway and Directory Express are available from the page for the Red Hat Administration Server (http://adminHost:adminPort). Anonymous and Non-Anonymous Searching The gateway supports both anonymous and non-anonymous searching. Anonymous searching provides basic permissions for accessing information in the user directory. A bind DN and bind password, stored in a binddnfile, can be set up for users to authenticate to...
  • Page 24 Automatic Updates to Directory Configuration The updatedsgw script runs automatically for gateways installed on the Red Hat Administration Server managing the Directory Server instance. When the server port or root DN (or other settings, such as directory manager) for a Directory Server instance is changed, the Red Hat Administration Server managing the Directory Server instance runs the script.
  • Page 25: Chapter 2 Setting Up The Gateway

    Chapter 2 Setting Up the Gateway This chapter describes the planning decisions and tasks required to install and initially configure a gateway for access by end users. The chapter contains the following sections: • Gateway Installation Planning (page 29) • HTTP Server Configuration (page 32) •...
  • Page 26: Gateway Cloning

    Gateway Installation Planning Two gateway instances are installed during Directory Server installation: Red Hat Directory Express (Directory Express) and the default gateway. The configuration files (pb.conf and dsgw.conf) for the two instances are stored in the serverRoot/clients/dsgw/context directory. Additional gateways can be created by customizing Directory Express or the default gateway.
  • Page 27: Protecting Bind Dn And Password

    Gateway Installation Planning Protecting Bind DN and Password The gateway configuration files reference files that contain sensitive information, including the binddnfile parameter containing the bind DN and bind password used to permit non-anonymous searching of the directory. The binddnfile should not be stored under the gateway configuration directory ( ) or in any directory that is...
  • Page 28: Running The Gateway In High-Usage Networks

    HTTP Server Configuration There are many factors affecting gateway performance on an HTTP server, including the following: • The number of users accessing the gateway at a given time. • The complexity of the directory searches performed and the search results required. •...
  • Page 29: Name Translation Mapping

    HTTP Server Configuration Name Translation Mapping The HTTP server uses Name Translation mapping to translate a virtual path provided by a gateway client to a physical path used by an HTTP server. This Name Translation mapping specifies the gateway’s HTML directory. The gateway’s CGIs use this information to output the correct URL (HTTP redirection).
  • Page 30 The configuration procedures outlined in this section assume that a Red Hat Enterprise Server is installed and configured to communicate with Directory Server. For Red Hat Enterprise Server documentation, check this site: http://www.redhat.com/docs/manuals/dir-server/ For configuring other HTTP servers, follow the documentation that came with the product.
  • Page 31 HTTP Server Configuration Add an additional document directory. Adding an additional document directory is necessary to establish access to the gateway files. For additional information, see http://enterprise.netscape.com/docs/enterprise/611/admin/escontnt.htm#22280. From the Class Manager for the Red Hat Enterprise Server: Select Content Management > Additional Document Directories. In the URL Prefix field, enter this: clients/dsgw. In the Map to Directory field, enter this (replace...
  • Page 32: Creating A New Gateway Instance

    Creating a New Gateway Instance http://webserverHost:webserverPort/clients/dsgw/bin/search where webserverHost is the HTTP server’s hostname and webserverPort is the port number used by the server. When the HTTP server is using the standard HTTP port number (80), the port number does not need to be included in the URL. Creating a New Gateway Instance These instructions assume that the new gateway instance will run under the Red Hat Administration Server or a similarly capable HTTP server.
  • Page 33: Gateway Cloning

    Gateway .conf File Configuration To access the new gateway instance (in this example, example.conf), navigate the browser to this URL: http://adminHost:adminPort/clients/dsgw/bin/lang?context=example Gateway Cloning The HTML and template directories for one gateway can serve as the HTML and template directory for many others.
  • Page 34: Configuring The Directory Manager Dn

    Gateway .conf File Configuration It is strongly recommended that you use a different directory manager account for the gateway, an account other than cn=Directory Manager. Once you set up the new directory manager account (for example, cn=gateway manager,cn=config), use ACLs to restrict access to applicable sub suffixes and the user entries under those sub suffixes.
  • Page 35: Setting Up The Suffix For Adding Entries

    Gateway .conf File Configuration Figure 2-1 Authenticating as Directory Manager Setting Up the Suffix for Adding Entries The location-suffix parameter is defined in dsgw.conf and identifies the suffix under which the gateway creates new entries in the directory. The location-suffix parameter can point to any suffix in a directory.
  • Page 36: Configuring The Gateway To Use Ssl

    Configuring the Gateway to Use SSL The securitypath parameter specifies the location of the certificate database. For example, you can specify the path to the certificate database as follows: securitypath "/usr/redhat/servers/alias/slapd-testDir-cert8.db" The following example shows the parameter configured to use (instead...
  • Page 37: Language Support For Http Clients

    Configuring Gateway Clients Language Support for HTTP Clients When a user accesses information in the directory from an HTTP client — through the gateway or another HTTP-based LDAP interface — the client provides the Directory Server with information indicating the optimal character set and collation order to use in transmitting information to the browser.
  • Page 38: Customizing Communicator's Ldap Settings

    Configuring Gateway Clients Customizing Communicator’s LDAP Settings Administrators can reconfigure Javascript preference settings in Communicator to allow users to interact with information stored in the user directory. • In the Address Book and Select Address dialog boxes (accessible from the mail composition window), users can enter one string of search criteria to search an LDAP directory for matching names.
  • Page 39: Chapter 3 Gateway Localization

    Chapter 3 Gateway Localization This chapter describes gateway localization and identifies the tasks required to set up additional gateway locales. The chapter contains the following sections: • Unicode and Support for UTF-8 (page 43) • How the Gateway Selects a Character Set (page 44) •...
  • Page 40: How The Gateway Selects A Character Set

    How the Gateway Selects a Character Set How the Gateway Selects a Character Set The gateway can output web pages in many character sets. The gateway selects a character set for each HTTP client based on a combination of input from the client and from the gateway's configuration files.
  • Page 41: Http Clients That Do Not Request Utf-8

    Special Characters HTTP Clients that Do Not Request UTF-8 For browsers that do not request UTF-8 by default, the gateway selects a character set from the Accept-Charset request header or from the Accept-Language request header, depending on the HTTP client. Some HTTP clients don't request any character set information. For these clients, the gateway's charset parameter definition is the default.
  • Page 42: Gateway Locales

    Gateway Locales This works around a problem with Japanese NT, which garbles environment variables that are in UTF-8 (or any charset except Shift_JIS). The Web server passes information to the gateway CGI programs in environment variables, but the query string environment variable is URL-encoded, so it can handle UTF-8 (from Windows' point $QUERY_STRING...
  • Page 43: Dsgw-L10N.conf

    Setting Up Locales for Translation dsgw-l10n.conf dsgw-l10n.conf provides translation in the Search and Advanced Search pull-down menus for the default gateway (dsgw.conf). If dsgw-l10n.conf is not present in the /config/lang directory, translation of the UI does not occur and English characters appear in the pull-down menus for Standard Search and Advanced Search.
  • Page 44 Setting Up Locales for Translation
  • Page 45: Chapter 4 File Controlling Gateway Functionality

    Chapter 4 File Controlling Gateway Functionality This chapter provides examples of customized gateways. The chapter contains the following sections: • Files Controlling Gateway Functionality (page 49) • Gateway .conf Files (page 51) • Gateway Search Configuration Files (page 51) • Object Class Templates (page 52) •...
  • Page 46: Gateway .Conf Files

    Gateway .conf Files Files that control gateway functionality are described in Table 4-1. Table 4-1 Gateway File Types and Locations. Files: Gateway .conf files. Location: serverRoot/clients/dsgw/context. Function: Define basic configuration parameters for the gateway and specify the HTML and template directory. (See “Gateway .conf Files”...
  • Page 47: Dsgw.conf

    Gateway Search Configuration Files • The locations where new entries can be created within the directory. • The types of entries that can be created. • The search base. • Whether the gateway uses SSL communications. dsgw.conf dsgw.conf is the configuration file for the default gateway. dsgw.conf is invoked at:...
  • Page 48: Object Class Templates

    Object Class Templates Object Class Templates The gateway contains a template file for each object class defined in the gateway. To modify how the gateway displays an entry type, edit the corresponding template file. To add gateway support for a new object class, create a new template file, or modify an existing one.
  • Page 49: Gateway Search Result Templates

    Gateway Search Result Templates Table 4-3 Gateway Forms and Corresponding Script Files. Authentication forms: authPassword.html, authSearch.html. Standard search forms: searchString.html. Advanced search forms: csearchAttr.html, csearchBase.html, csearchMatch.html, csearchString.html, csearchType.html. Newentry forms: newentry.html, newentryType.html, newentryName.html. Gateway Search Result Templates Search result templates control how the results of a standard or advanced search are displayed when more than one entry is found.
  • Page 50: Banner Files

    Banner Files Chapter 6, “Search Attributes, Filters, and Results,” describes how search result templates can be edited to modify the display of search results. Banner Files Banner files identified in Table 4-5 are used to specify the banner and button images that appear in gateway forms.
  • Page 51: Chapter 5 Editing Entry Types

    Chapter 5 Editing Entry Types This chapter describes how entry type formats — defined by object classes and their attributes — can be controlled by editing parameters in the dsgw.conf file. The chapter contains the following sections: • Entry Types (Object Classes) (page 55) •...
  • Page 52: Template

    Entry Types (Object Classes) template The template parameter is used to map the gateway’s HTML templates for entry types to the Directory Server’s LDAP object classes. location The location parameter is used to define points in the directory tree where new entries can be added.
  • Page 53: Considerations For Adding New Entry Types

    Mapping Locations and Entry Types Considerations for Adding New Entry Types Before adding support for a new entry type (object class), decide: • Where will the new entry be created? If a location parameter is not set up to point to the location where the new entry type will be created, add a new parameter to the...
  • Page 54: Setting Up Organizational Units

    Mapping Locations and Entry Types location country "United States" "c=US#" location "This Organization" "" location groups "Organizational Groups" "ou=Groups" location acct "Accounting" "ou=Accounting" location "Human Resources" "ou=Human Resources" location "Payroll" "ou=Payroll" location "Product Development" "ou=Product Development" location test "Product Testing" "ou=Product Testing"...
  • Page 55: Uid-Based Dn

    Object Class Attributes in Template Files UID-Based DN When a person or Windows person entry is added to the directory, the gateway prompts for a unique DN. The unique DN is typically the user ID of a person in the organization. Although DN formats can be based on the common names of employees in the organization, common names are frequently not unique within an organization.
  • Page 56: Default Gateway Object Classes

    Object Class Attributes in Template Files Default Gateway Object Classes The default gateway supports the object classes listed in Table 5-1. Table 5-1 Default Object Classes Default Gateway Object Class Related Template File domain component display-dc.html groupOfNames display-group.html groupOfUniqueNames display-groupun.html ntGroup display-ntgroup.html organization...
  • Page 57: Adding Attributes To Object Classes

    Object Class Attributes in Template Files Adding Attributes to Object Classes Adding an attribute to an object class requires adding an additional row to the HTML table in the template file where the object class is defined. The syntax in the following example defines an attribute for the Initials orgperson...
  • Page 58: Extending Object Classes

    Object Class Attributes in Template Files Insert a null pair to replace the deleted attribute. <TR> “ ” <TD VALIGN= NOWRAP>Pager:</TD> “ ” <TD VALIGN= NOWRAP><B> “ ” “ ” “ ” <!-- DS ATTRIBUTE attr=pager syntax=tel cols=>16 --> </B></TD> <TD>&nbsp;</TD>...
  • Page 59 Object Class Attributes in Template Files Edit the third line in the template file to indicate the name of the new directory entry type. Change: <!-- inet. organizational person directory entry --> <!-- example person directory entry --> Edit the directive to include the new object class.
  • Page 60: Creating A New Parent Object Class

    Object Class Attributes in Template Files Define a template parameter in dsgw.conf for the object class examplePerson: template exampleperson person inetorgperson exampleperson This will instruct the gateway to display the exampleperson entry type according to the template defined for the object class examplePerson display-exampleperson.html...
  • Page 61: Chapter 6 Search Attributes, Filters, And Results

    Chapter 6 Search Attributes, Filters, and Results This chapter describes the files that control how the gateway searches for objects and describes how to add search support for a new object. The chapter contains the following sections: • Search Configuration Files (page 67) •...
  • Page 62: Dsgwfilter.conf

    Changing Search Scope • The label of the search attribute as it is displayed in the Find drop-down list on the Search form. • The object class attribute to search on. • Match types to use in search results. NOTE Define new search preferences in whenever a...
  • Page 63: Modifying Search Attributes For Advanced Searches

    Modifying Search Attributes for Advanced Searches Table 6-1 Valid Search Scopes (Continued). Search Scope: Tells the Gateway to... onelevel: Not to search in the entry specified in the baseurl parameter but search in the most immediate children of the entry. subtree: Search the entry specified in the baseurl parameter and all of its children.
  • Page 64 Modifying Search Attributes for Advanced Searches Figure 6-1 Advanced Search Form: Search Results The figures that follow show the matching patterns that can be selected in the Advanced Search form. Figure 6-2 shows the entry type pop-up menu on the Advanced Search form.
  • Page 65 Modifying Search Attributes for Advanced Searches Figure 6-2 Advanced Search Form: Entry Type Figure 6-3 shows the attribute pop-up menu on the Advanced Search form. Figure 6-3 Advanced Search Form: Attribute Figure 6-4 shows the matching filter pop-up menu on the Advanced Search form.
  • Page 66: Specifying Search Attributes For Person

    Modifying Search Attributes for Advanced Searches Figure 6-4 Advanced Search Form: Matching Filter Specifying Search Attributes for Person The dsgwsearchprefs.conf syntax in the following example specifies that the telephoneNumber, mail, and title attributes will be used in a search for person entries: People...
  • Page 67: Directory Express Search Support For User Id

    Modifying Search Attributes for Advanced Searches The third column contains a string of six bits. Each bit position in the string maps to a match type, as shown in Table 6-2. A value of 1 indicates that the match type is valid for the associated attribute.
  • Page 68: Adding Search Support For A New Object

    Adding Search Support for a New Object "dsgw-people" subtree "full name" 111111 "" "" "last name" 111111 "" "" "phone number" "telephoneNumber" 111011 "" "" "e-mail address" "mail" 111111 "" "" "user id" "uid" 111111 "" "" "title" title 111111 ""...
  • Page 69: Creating A New Search Object

    Adding Search Support for a New Object People "" "Search for": "(&(objectClass=person)(objectClass=examplePerson)" "dsgw-people" subtree "full name" 111111 "" "" "last name" 111111 "" "" "phone number" "telephoneNumber" 111011 "" "" "e-mail address" "mail" 111111 "" "" "user id" "uid" 111111 ""...
  • Page 70: Modifying Default Search Filters

    Modifying Default Search Filters not-used-by-dsgw not-used-by-dsgw subtree "name" "cn" 111111 "" "" "location" "l" 111111 "" "" "occupant" "roleOccupant" 111111 "" "" "description" "description" 111011 "" "" "phone number" "telephoneNumber" 111011 "" "" "is" "(%a=%v))" "is not" "(!(%a=%v)))" "sounds like" "(%a~=%v))"...
  • Page 71: Search Filters For User Data Patterns

    Modifying Default Search Filters • Search Filters for User Data Patterns • Specifying a Search Filter for a New Object Search Filters for User Data Patterns This example shows typical search filter syntax for any search string containing the @ symbol.
  • Page 72: Customizing Search Result Templates

    Customizing Search Result Templates Customizing Search Result Templates The following sections describe how the gateway displays search results and contains procedures for customizing the gateway search result templates: • How the Gateway Displays Search Results • Modifying Search Result Templates How the Gateway Displays Search Results When a user submits a standard search or advanced search from the gateway, the gateway constructs a search string and filter for the corresponding search object and queries the...
  • Page 73: Table 6-3 Default Search Results For Search Objects

    Customizing Search Result Templates Figure 6-5 Search Results Table 6-3 lists the default gateway search objects and the information displayed on the search results list. Search results templates are stored in the serverRoot/clients/dsgw/config directory and use the list-search object.html file naming convention.
  • Page 74: Modifying Search Result Templates

    Customizing Search Result Templates Table 6-3 Default Search Results for Search Objects (Continued). Columns: Search Object; Search Result Template Used; Search Results Displayed. Org-Units: list-Org-Units.html; organizational unit name, description, and phone number. Anything: list-Anything.html; name, phone number, e-mail address, and description. A new search result template is required for each new object class that is not a child of another object class.
  • Page 75: Removing Information From Search Results

    Customizing Search Result Templates <!-- DS_ATTRIBUTE "attr=title" --></TD> <TD NOWRAP> <!-- DS_ATTRIBUTE "attr=ou" "syntax=cis" --></TD> </TR> The additional HTML table heading syntax adds the Organizational Unit label to the heading row of the table. The additional DS_ATTRIBUTE directive syntax adds a cell to the body row of the table indicating that the information is stored in the attribute of the entry...
  • Page 76 Customizing Search Result Templates
  • Page 77: Chapter 7 Customizing Graphics And Color

    Chapter 7 Customizing Graphics and Color This chapter describes how to change the appearance of default gateway forms. The chapter contains the following sections: • Appearance of Gateway Forms (page 83) • Banner Image (page 83) • Button Images (page 84) •...
  • Page 78: Updating The Banner Image (Title.gif)

    Button Images Updating the Banner Image (title.gif) The following sections describe how to change the dimensions of the banner image as well as how to change the banner image filename. Changing Dimensions of Banner Image The default banner image has a height of 40 pixels and a width of 530 pixels. When using a banner image with a different pixel height and width, change the specifications of the image in all files in where the image is referenced:...
  • Page 79: Updating Button Images

    Button Images Table 7-1 Button Images (Continued). Columns: Button Image; Description. stsearch_on.gif: Used on the searchtitle.html page. adsearch_off.gif: Used in the maintitle.html, authtitle.html, searchtitle.html, and newentrytitle.html pages. adsearch_on.gif: Used on the csearchtitle.html page. newentry_off.gif: Used in the maintitle.html, authtitle.html, csearchtitle.html, and searchtitle.html pages.
  • Page 80: Color Schemes

    Color Schemes Color Schemes Changing the color schemes for a form requires editing the files that make up a gateway form. The procedure for changing colors depends on the gateway file type. • Files Controlling Colors on Gateway Forms • Changing Colors Using BODY Tag •...
  • Page 81: Changing Colors Using Body Tag

    Color Schemes Table 7-2 Files Controlling Appearance of Gateway Forms (Continued) To Change Colors on the ... Edit File Type New entry forms banner newentrytitle.html script newentryType.html script newentryName.html template display-*.html View or edit entry forms template display-*.html Changing Colors Using BODY Tag Table 7-3 lists the five standard color attributes that can be changed.
  • Page 82: Changing Table Colors

    Changing Table Colors In the example, the %color attribute is a standard HTML attribute, and color is an RGB color value in the form #rrggbb (or a standard color name, such as aquamarine). Changing Table Colors The following sections describe procedures for customizing the color of tables: •...
  • Page 83: Changing Color Of Table Headings

    Changing Table Colors Table 7-4 Sixteen Standard Colors and Their Hexadecimal Values (Continued) Color Name Hexadecimal Value olive #808000 yellow #FFFF00 navy #000080 blue #0000FF teal #008080 aqua #00FFFF Changing Color of Table Headings To change the color of table heading text, edit the following lines within the template file: <TR BGCOLOR=006666 COLSPAN=4><FONT FACE=ARIAL, HELVETICA COLOR=WHITE>...
  • Page 84 Changing Table Colors
  • Page 85: Appendix A Parameters Defined In The .Conf File

    Appendix A Parameters Defined in the .conf File The dsgw.conf and pb.conf files are installed during Red Hat Directory Server (Directory Server) installation. This appendix describes the configuration parameters defined in these files. Associated directives are described in Appendix B, “Gateway Directives.” authlifetime Specifies the amount of time in seconds before a user’s authentication expires in the gateway.
  • Page 86: Baseurl

    baseurl baseurl Specifies the host name and port number used to contact the Directory Server. This parameter also determines the search base used for searches performed from the gateway and whether the gateway uses SSL to communicate with the Directory Server. Format baseurl [ldap | ldaps]://dirHost:dirPort/searchBase ldap | ldaps.
  • Page 87: Format

    changeHTML Format binddnfile binddn_filename Example binddnfile /export/TEST/binddnfile changeHTML Used by the gateway to substitute ideographic space for non-breaking space (nbsp) in Asian character sets. Format changeHTML nbsp_from nbsp_to charset Example changeHTML <space character> <space character> Shift_JIS charset Defines the default character set for communication with HTTP clients. The default is UTF-8 (Unicode), which supports all the characters in the Directory Server.
  • Page 88: Format

    configdir More information: “ignoreAcceptCharsetFrom,” on page 97 Format charset character_set Example charset UTF-8 For more information about charsets, see RFC 1345, which defines the syntax of charset names. configdir Specifies the location of the configuration directory of the gateway. These include the object class templates, search configuration files, search result templates, and script files used to generate HTML forms dynamically for the user.
  • Page 89: Example

    enable-aim-presence Example dirmgr "cn=Directory Manager, o=example.com" For information on the root DN and on setting permissions for the directory, see the Red Hat Directory Server Administrator’s Guide. enable-aim-presence Specifies the AIM® presence (online or offline) of a user by displaying or hiding the AIM icon in the Directory Server Gateway UI.
  • Page 90: Format

    gwnametrans <!-- DS_ATTRIBUTE "attr=nsaimstatustext" "options=quoted" --> //// Uncomment the above DS_ATTRIBUTE directive and remove the //// //// double quotes to have aim presence in search results lists //// Once this is done, listings of multiple users will show AIM presence for each user. NOTE By default, are used for AIM ID and...
  • Page 91: Htmldir

    htmldir htmldir Specifies the location of the HTML files for the gateway. These include the HTML files controlling the appearance of gateway forms. The HTML directory for the default gateway (dsgw.conf) is ../html. The HTML directory for Directory Express (pb.conf) is ../pbhtml...
  • Page 92: Location

    location location Defines the location choices selectable from the gateway when adding new entries. Each location parameter represents a branch point in the directory tree below which new entries can be added. Format location handle "friendly_name" "dn" handle. An arbitrary string used by the parameter to map a type of location-suffix entry to the locations where the entry can be created.
  • Page 93: Location-Suffix

    location-suffix location-suffix Identifies the directory suffix used to create new entries in the directory. This value is appended to the DN field of the parameter when the gateway is used to create new entries in the directory. Format location-suffix "suffix" Example location-suffix "o=example.com"...
  • Page 94: Example

    rdnattr. The attribute used to name entries of this type. For example, the default value for field for people entries is . This means that any people entries created rdnattr using the gateway will have DNs of the following format: uid=string field can be modified so that entries are named using a different attribute.
  • Page 95: Format

    Identifies the location of the certificate database used by the gateway when using SSL to communicate with the Directory Server. The certificate database contains the Certificate Authority issuing the certificate for the Directory Server. Format securitypath "/usr/redhat/servers/alias/cert.db" Example securitypath "/usr/redhat/servers/alias/pb-cert.db" template Maps specific object classes to internal gateway templates.
  • Page 96: Url-Orgchart-Base

    url-orgchart-base template orgperson person inetorgperson url-orgchart-base Points to the Org Chart application, providing a link to the Org Chart application from the Directory Server Gateway UI pages. By default, the Directory Server installation program sets the base to use the Red Hat Administration Server as the web server. You can change the host name and port number to be that of a dedicated web server.
  • Page 97: Vcard-Property

    vcard-property Format vcard-property vcardprop syntax ldapattr [ldapattr2...] vcardprop. The name of a vCard property. vCard properties that are currently mapped to LDAP attributes are: • FN — The Formatted Name property. All vCards must have an FN property. By default, FN is mapped to the attribute.
  • Page 98: Example

    vcard-property syntax. A string that describes the nature of the vCard information. The following syntaxes are supported: • cis — used for simple strings, such as a person’s name or telephone number. • mls — used for multi-line strings, such as a mailing address. ldapattr [ldapattr2...].
  • Page 99: Appendix B Gateway Directives

    Appendix B Gateway Directives This appendix describes directives used in gateway HTML object class and search result templates. The appendix contains the following sections: • Introduction (page 107) • Context-Related Directives (page 109) • Entry-Related Directives (page 110) • Miscellaneous Directives (page 122) Introduction The display of LDAP directory information is controlled by HTML template files containing directives.
  • Page 100: Structure Of An Html Template

    Introduction Structure of an HTML Template Directory entry display, edit, and add templates generally have the following structure: <HTML> <HEAD> <!-- DS_ENTRYBEGIN --> <!-- DS_EMIT_BASE_HREF --> <!-- BODY --> <!-- DS_LAST_OP_INFO --> <!-- DS_BEGIN_ENTRYFORM --> <!-- attribute directives, e.g., --> <!-- DS_ATTRIBUTE "attr=givenName"...
  • Page 101: Context-Related Directives

    Context-Related Directives The context-related directives GCONTEXT and PCONTEXT appear within a line and are not required to appear at the beginning of a line. This is an exception to the rule. All other directives must appear at the beginning of a line to be recognized by the Directory Server. GCONTEXT The <!-- GCONTEXT--> directive appears within a URL and is used in the invocation of...
  • Page 102: Entry-Related Directives

    Entry-Related Directives Entry-related directives are supported by the dosearch and edit CGIs. DS_ENTRYBEGIN Delimits the beginning of an entry. The DS_ENTRYBEGIN directive is used in display or edit templates to mark the start of an LDAP entry and in list templates to mark the beginning of a section which should be repeated for each entry which is returned by the search.
  • Page 103: Table B-1 Ds_Attribute: Display Of Syntax Argument

    Entry-Related Directives Table B-1 DS_ATTRIBUTE: Display of syntax Argument syntax Description Display As Display as a telephone number text Display as a distinguished name href (a link to an LDAP entry) Display as a mailto: URL href (mailto: URL) mail Display as a multi-line string text Display as date/time...
  • Page 104 Entry-Related Directives Table B-3 DS_ATTRIBUTE: Display of options Argument (Continued). Columns: options, Display. dntags: Applies only when using syntax=dn — tags are displayed when showing DNs. Normally, they are not displayed. dateonly: Applies only when using syntax=time — only displays the date, omitting the time.
  • Page 105: Examples

    Entry-Related Directives cols=number, cols=+number, cols=>number. Controls the width of the displayed attribute. If a number is given by itself, then the attribute is displayed with exactly that number of columns. If a plus (+) sign is given before the number, then the attribute is given that number of extra columns.
  • Page 106: Ds_Objectclass

    Entry-Related Directives DS_OBJECTCLASS Describes the type of directory entries for which a given template should be used. Arguments value=value1,value2,...valueN. Specifies a list of object class values. For a template file to be used to display a given entry, all of the values given must be values in the entry’s attribute.
  • Page 107: Ds_Sortentries

    Entry-Related Directives DS_SORTENTRIES Specifies that entries should be sorted; typically used within list templates. This directive must appear within a DS_ENTRYBEGIN...DS_ENTRYEND block. Up to two DS_SORTENTRIES directives are honored (the attribute from the first one that appears is used as the primary sort key, and the second one is used as a secondary sort key). Arguments attr=attrname.
  • Page 108 Entry-Related Directives DS_EDITBUTTON Displays a button which, when clicked, brings up an editable view of an entry. This directive must appear within a DS_ENTRYBEGIN...DS_ENTRYEND block. Typically used in display templates. Arguments label=text. Use text as the label on the button. If not provided, the text is used.
  • Page 109 Entry-Related Directives <!-- DS_SAVEBUTTON "checksubmit=formDataValid()" --> DS_EDITASBUTTON Displays a button which, when clicked, allows editing of an entry using a non-default template. This directive must appear within a DS_ENTRYBEGIN...DS_ENTRYEND block. Arguments label=text. Use text as the label on the button. If not provided, the text is used.
  • Page 110: Arguments

    Entry-Related Directives DS_OLDPASSWORD Displays an HTML password field for the old password. This directive must appear within a DS_ENTRYBEGIN...DS_ENTRYEND block. Arguments None. DS_HELPBUTTON Displays a help button. Arguments topic=topic_name. Causes the Help System to open the given topic name. Example <!-- DS_HELPBUTTON "topic=MODIFYPASSWD" --> DS_CLOSEBUTTON Displays a Close button, which causes the containing window to be closed.
  • Page 111: Arguments

    Entry-Related Directives Arguments None. DS_END_ENTRYFORM Causes the gateway to emit a </FORM> tag. This directive must appear within a DS_ENTRYBEGIN...DS_ENTRYEND block. Arguments None. DS_EMIT_BASE_HREF Emit a <BASE> tag that contains the base URL for the CGI that was executed. Arguments None.
  • Page 112: Arguments For If And Elif

    Entry-Related Directives Arguments None. DS_ATTRVAL_SET Display an attribute based on an attrvset as defined in the dsgw.conf file. Arguments set=name. Use information from attribute valueset name. prefix=text. HTML text to emit before each attribute value element (optional). suffix=text. HTML text to emit after each attribute value element (optional). Plus any of the arguments supported by the directive.
  • Page 113: Examples

    Entry-Related Directives Table B-4 Conditions Supported for ELSE and ENDIF (Continued). Columns: Condition, Arguments, Description. Displaying (arguments: none): Are we just displaying an entry? Bound (arguments: none): Is the user authenticated? BoundAsThisEntry (arguments: none): Is the user authenticated as the entry we are displaying? AttributeHasValues (arguments: attr...): Does the attribute attr have at least...
  • Page 114: Miscellaneous Directives

    Miscellaneous Directives Miscellaneous Directives BODY Emit HTML <BODY> element that includes color information. Arguments extrahtml Examples <!-- BODY --> <!-- BODY "onLoad=setDefaults()" --> COLORS Set color information to be used in subsequent BODY directives. Arguments html-color-info Example <!-- COLORS "TEXT=#000000 BGCOLOR=#FFFFFF LINK=#FF0000 VLINK=#8000FF ALINK=#FF0000"...
  • Page 115: Endhtml

    Miscellaneous Directives ENDHTML Emit </BODY></HTML> sequence Arguments None. HELPBUTTON Display a Help button (same effect as the DS_HELPBUTTON directive but can be used from any gateway directory CGI). Arguments topic Example <!-- HELPBUTTON "MODIFYPASSWD" --> INCLUDE Include the contents of another HTML file. You cannot nest directives.
  • Page 116: Arguments

    Miscellaneous Directives Arguments filename. The name of the file to include. This is relative to the config/ directory where files such as dsgw.conf are located. Example <!-- INCLUDE dsgw-orgperson.conf --> DS_LAST_OP_INFO Display a string that shows the result of the last run.
  • Page 117: Ds_Gateway_Version

    Miscellaneous Directives DS_GATEWAY_VERSION Emit a string containing the version of the directory gateway CGI being executed. Arguments None. Example <!-- DS_GATEWAY_VERSION --> IF/ ELSE/ ELIF/ ENDIF Same as those supported by the dosearch and edit CGIs. However, conditionals marked with an asterisk (*) are supported. Appendix B Gateway Directives...
  • Page 119: Appendix C Cgi Usage

    Appendix C CGI Usage This appendix provides regular expression-type descriptions of the ways to invoke the CGIs in script files. Each regular expression is followed by the variables the expression can take on a POST. Upper case words are variables. Lower case words are literals. auth auth[?context=CONTEXT[&dn=DN]] authasrootdn = "true"...
  • Page 120: Unauth

    searchType = SEARCHTYPE searchAttr = SEARCHATTR unauth unauth[?context=CONTEXT] dnedit dnedit?CONTEXT=context&TEMPLATE=tmplname&DN=dn&ATTR=attrname&DESC=description edit edit?template&context=CONTEXT[&info=INFOSTRING] [&ADD][&dn=DN][&dnattr=ATTRNAME&dndesc=DESCRIPTION] (GETs only. No POSTs.) doauth escapedbinddn = DN authdesturl = AUTHDESTURL password = PASSWORD domodify changetype = CHANGETYPE dn = DN newrdn = RDN completion_javascript = COMPL_JS newpasswd = NEW_PASSWD passwd = PASSWD newpasswdconfirm = NPCONFIRM...
  • Page 121: Newentry

    newentry newentry[?context=CONTEXT[&file=FILE]] entrytype = ET entryname = EN rdntag = RDNTAG selectLocation = SL dnsuffix = DNSUFFIX dosearch dosearch?context=BLAH[&hp=host[:port]][&dn=baseDN][&ldq=LDAPquery]] mode = MODE searchstring = SEARCH STRING type = TYPE base = BASE attr = ATTR match = MATCH attr = ATTR filterpattern = FILTERPATTERN filterprefix = FILTERPREFIX filtersuffix = FILTERSUFFIX...
  • Page 123: Index

    Index Advanced search CGIs attributes for 69 auth 127 example of pop-up menu 71 csearch 127 dnedit 128 Attributes dosearch 129 adding to object classes 61 edit 128 deleting from object classes 61 lang 127 auth CGI 127 newentry 129 Authentication search 127 and non-anonymous searching 27...
  • Page 124 DS_ATTRVAL_SET 120 gateways installed with 22 DS_BEGIN_DNSEARCHFORM 120 updating gateway with updatedsgw script 27 DS_BEGIN_ENTRYFORM 119 updating the gateway with changes to 31 DS_CLOSEBUTTON 118 dirmgr parameter 95 DS_CONFIRM_NEWPASSWORD 118 DN formats DS_DELETEBUTTON 116 configuring 59 DS_DNEDITBUTTON 119 modifying default DN format 59 DS_EDITASBUTTON 117 UID-based 59 DS_EDITBUTTON 116...
  • Page 125 setting suffix for adding entries 39 gwnametrans parameter 97 setting up SSL support 40 Gateway configuration customizing Communicator’s LDAP settings 42 Gateway files .conf file 51 .conf file configuration 37 htmldir parameter banner files 54 Parameters banner files, see also Banner files htmldir 97 dsgw.conf 51 HTTP clients...
  • Page 126 gwnametrans 97 ignoreAcceptCharsetFrom 97 Name translation mapping 33 location 56, 57, 98 newentry CGI 129 location-suffix 99 newtype 56, 100 newtype parameter 56, 100 NLS 101 NLS parameter 101 orgchart-attrib-farleft-rdn 101 Non-anonymous searching 27 securitypath 102 template 56, 102 url-orgchart-base 102 vcard-property 103 Port setting 37 POST operation...
  • Page 127 creating new 75 Search preferences extending 74 Search result templates customizing 78 default templates and related object classes 53 modifying 80 removing information from 81 Search results display of 78 Search scope base 69 defining 68 onelevel 69 subtree 69 Search support for user ID in Directory Express 73 securitypath parameter 102 serverID 18...
  • Page 129 List of Tables Table 2-1 Location of Gateway Files ........... . 30 Table 4-1 Gateway File Types and Locations .
  • Page 131 Examples HTML and configuration directories specified in pb.conf ......... 6 Embedding GCONTEXT in a Link ................7 Specifying PCONTEXT in an HTML Form .............. 7 Setting up .conf file and directories for new gateway instance ........ 21 Changing LDAP port in the baseurl parameter ............23 Specifying the Path for Certificate Database ............