Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 497

Table 11-3 AttributePresentConstraints Configuration Parameters (Continued)

Parameter: ldap.ldapconn.version
Description: Specifies the LDAP protocol version:
• 2 specifies LDAP version 2. If your directory is based on Netscape Directory Server 1.x, choose 2.
• 3 specifies LDAP version 3. For Directory Server versions 3.x and later, choose 3 (default).

Parameter: ldap.ldapauth.bindDN
Description: Specifies the user entry to bind as for checking the attribute in the LDAP directory.
Example: CN=pinmanager

Parameter: password
Description: Specifies the password associated with the DN specified by the ldap.ldapauth.bindDN parameter.

Parameter: ldap.ldapauth.clientCertNickname
Description: Specifies the nickname or the friendly name of the certificate to be used for SSL client authentication to the LDAP directory in order to check attributes. Make sure that the certificate is valid and has been signed by a CA that is trusted in the directory's certificate database, and that the directory's certmap.conf file has been configured to correctly map the certificate to a DN in the directory. (This is needed for PIN removal only.)
Example: Server-Cert

Parameter: ldap.ldapauth.authtype
Description: Specifies how to bind to the directory or the authentication type—basic authentication or SSL client authentication—required in order to check attributes in the LDAP directory:
• BasicAuth specifies basic authentication (default). If you choose this option, be sure to enter the correct values for ldap.ldapauth.bindDN and password parameters; the plug-in uses the DN from the ldap.ldapauth.bindDN attribute to bind to the directory.
• SslClientAuth specifies SSL client authentication. If you choose this option, be sure to select the ldap.ldapconn.secureConn parameter and set the value of the ldap.ldapauth.clientCertNickname parameter to the nickname of the certificate to be used for SSL client authentication.

Parameter: ldap.ldapconn.basedn
Description: Specifies the base DN for searching the LDAP directory—the plug-in uses the value of the uid field from the HTTP input (what a user enters in the enrollment form) and the base DN to construct an LDAP search filter.
Permissible values: Any valid DN string of up to 255 characters. (If your user's DN is uid=jdoe, o=company, you might want to use o=company here.)
Example: O=example.com

Parameter: ldap.ldapconn.minConns
Description: Specifies the minimum number of connections permitted (or to keep open) to the LDAP directory. Permissible values: 1 to 3; the default value is 1.
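
The dependencies between these parameters (which values ldap.ldapauth.authtype requires, and the permitted ranges) can be checked mechanically before a policy instance is saved. The following Python check is an added example, not code from the manual or the product; the key=value input format, the value "true" for a selected ldap.ldapconn.secureConn, and the function names are assumptions.

```python
# Added example: checks AttributePresentConstraints LDAP parameters against the
# rules in Table 11-3. The key=value format and secureConn=true are assumptions.
def parse_params(text):
    """Parse 'key=value' lines into a dict, skipping blanks and # comments."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)   # split once: DN values contain '='
            params[key.strip()] = value.strip()
    return params

def check_params(p):
    """Return a list of findings; an empty list means the table's rules are met."""
    findings = []
    if p.get("ldap.ldapconn.version", "3") not in ("2", "3"):       # default is 3
        findings.append("ldap.ldapconn.version must be 2 or 3")
    if len(p.get("ldap.ldapconn.basedn", "")) > 255:
        findings.append("ldap.ldapconn.basedn must be at most 255 characters")
    if p.get("ldap.ldapconn.minConns", "1") not in ("1", "2", "3"):  # default is 1
        findings.append("ldap.ldapconn.minConns must be 1 to 3")
    authtype = p.get("ldap.ldapauth.authtype", "BasicAuth")         # default
    if authtype == "BasicAuth":
        for key in ("ldap.ldapauth.bindDN", "password"):  # names as in the table
            if not p.get(key):
                findings.append(f"BasicAuth requires {key}")
    elif authtype == "SslClientAuth":
        if p.get("ldap.ldapconn.secureConn", "").lower() != "true":
            findings.append("SslClientAuth requires ldap.ldapconn.secureConn to be selected")
        if not p.get("ldap.ldapauth.clientCertNickname"):
            findings.append("SslClientAuth requires ldap.ldapauth.clientCertNickname")
    else:
        findings.append("ldap.ldapauth.authtype must be BasicAuth or SslClientAuth")
    return findings

# Constructed sample: SSL client auth chosen, but secureConn and the nickname are missing.
SAMPLE = """
ldap.ldapconn.version=3
ldap.ldapconn.basedn=O=example.com
ldap.ldapconn.minConns=1
ldap.ldapauth.authtype=SslClientAuth
ldap.ldapauth.bindDN=CN=pinmanager
"""

if __name__ == "__main__":
    for finding in check_params(parse_params(SAMPLE)):
        print("FINDING:", finding)
```
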
Chapter 11 Policies, Constraints-Specific Policy Module Reference, page 497
