Gateway .conf File Configuration
It is strongly recommended that you use a different directory manager account for the
gateway, an account other than
directory manager account (for example,
ACLs to restrict access to applicable sub suffixes and the user entries under those sub
suffixes. This enables the gateway directory manager to change those users' passwords but
prevents the entry from having complete control of the Directory Server.
NOTE
Configuring the Directory Manager DN
Use this procedure to configure the gateway Directory Manager to reference the correct
DN:
Create an entry for the gateway Directory Manager, making sure to set a password for
1.
the entry.
Set the permissions for the Directory Manager so that it has read and write authority
2.
for the entries it will manage.
When necessary, change the
3.
distinguished name (DN).
NOTE
The
dirmgr
described in the Red Hat Directory Server Administrator's Guide.
Authenticating as Directory Manager
Figure 2-1 shows the authentication login screen for the default gateway. Administrators
can use it to authenticate as the Directory Manager. The Authenticate as Directory
Manager button is displayed only when a Directory Manager has been configured for the
gateway.
The
authlifetime
remain authenticated, is described in "location," on page 98.
38
Red Hat Directory Server Gateway Customization Guide • April 2005
cn=Directory Manager
For security reasons, set the gateway Directory Manager to an entry other
than
cn=Directory Manager
dirmgr
End users frequently forget their passwords, so give the gateway Directory
Manager write access to the
manage.
parameter is described in "dirmgr," on page 95. Creating directory entries is
parameter, which defines the number of seconds that a user may
. Once you setup the new
cn=gateway manager,cn=config
.
parameter to refer to the Directory Manager's
attribute for the entries it will
userPassword
), use