Manualshelf

Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software
71727374757677787980
To account for the multiple forms of DN supported by a given LDAP server, specify the
UniqueIdentifier parameter multiple times with different values, as in the following example:
UniqueIdentifier uid,ou=People
UniqueIdentifier cn,ou=Applications
Authentication is most efficient when there is a single UniqueIdentifier. In such cases, the
LDAP daemon does not have to perform a search; rather, it can build an exact DN and bind to
the LDAP server, using the individual's credentials to authenticate. If, however, there are multiple
DN formats and hence multiple UniqueIdentifiers, the LDAP daemon tries each
UniqueIdentifier, in the order in which you listed them in the configuration description file,
until it finds the user's entry or runs out of possibilities. Figure 4-1 is a simplified diagram
illustrating the use of this parameter along with others described in this section.
Figure 4-1 Use of UniqueIdentifier and Associated Parameters
Together, the elements specified by DirectoryBase and UniqueIdentifier must form a
complete DN. For example, if you specify the following values, excluding the directory node
between uid and o
DirectoryBase o=REScorp
UniqueIdentifier uid
authentication requests will fail, because a complete DN for this directory structure also requires
an ou element.
Common and Server-Specific Configuration Parameters 71