Table of Contents
Advertisement
NOTE
When a user binds to a database link, the user's identity is sent to
the remote server. Access controls are always evaluated on the
remote server. For the user to successfully modify or write data to
the remote server, you need to set up the correct access controls on
the remote server.
For more information about how access controls are evaluated in
the context of chained operations, refer to "Database Links and
Access Control Evaluation," on page 111.
Chaining Using SSL
You can configure your database links to communicate with the remote server
using SSL. Using SSL to chain involves the following steps:
•
Enable SSL on the remote server.
For more information on enabling SSL, refer to "Enabling SSL: Summary of
Steps," on page 376.
•
Specify the LDAP URL of the remote server in SSL format.
You specify the LDAP URL in the
information about this attribute, see "Providing an LDAP URL," on page 104.
For example, you might specify the following LDAP URL:
nsFarmServerURL: ldaps://africa.example.com:636/
•
Enable SSL on the server that contains the database link.
For more information on enabling SSL, refer to "Enabling SSL: Summary of
Steps," on page 376.
When you configure the database link and remote server to communicate using
SSL, this does not mean that the client application making the operation request
must also communicate using SSL. The client can bind using a normal port.
Creating and Maintaining Database Links
attribute. For more
nsFarmServerURL
Chapter 3
Configuring Directory Databases
109
Advertisement
Table of Contents
