Table of Contents
Advertisement
Pass-Through Authentication Plug-In
Pass-through authentication (PTA) is a mechanism by which one directory server
consults another to authenticate bind requests. The PTA plug-in provides this
functionality; allowing a directory server to accept simple bind operations
(password based) for entries not stored in its local database.
Netscape Directory Server (Directory Server) uses PTA to allow you to administer
your user and configuration directories on separate instances of Directory Server.
This chapter describes the PTA plug-in in the following sections:
•
How Directory Server Uses PTA (page 453)
•
PTA Plug-In Syntax (page 455)
•
Configuring the PTA Plug-In (page 457)
•
PTA Plug-In Syntax Examples (page 463)
How Directory Server Uses PTA
If you install the configuration directory and the user directory on separate
instances of Directory Server, the installation program automatically sets up PTA
to allow the Configuration Administrator user (usually
administrative duties.
PTA is required in this case because the
o=NetscapeRoot
user directory as
transmit the credentials to the configuration directory which verifies them. The
user directory then allows the
in the configuration directory. Therefore, attempts to bind to the
would normally fail. PTA allows the user directory to
admin
user to bind.
admin
admin
user entry is stored under
admin
Chapter 16
Using the
) to perform
453
Advertisement
Table of Contents
