Manualshelf

Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software
71727374757677787980
SmithJ@DomainA.zorin.com
To support this scenario, the directory entries for DomainA and DomainB have the following
common parameters. The UserIdentifier gives the attribute that identifies the user, the
DomainAttribute gives the attribute that includes the domain, and the DomainAttributeFormat
indicates how to locate the domain within the userPrincipalName attribute.
DirectoryBase dc=zorin, dc=com
UserIdentifier userPrincipalName
DomainAttribute userPrincipalName
DomainAttributeFormat *@domain.*
LDAP Server Configuration Interfaces
The LDAP server configuration interfaces consist of four NCI commands, which you execute in
security mode, or a set of HPDM dialogs that you use while logged on in the role of
ROLE.SECMGR:
For this purposeOr this HDPM dialogUse this NCI command
Add a new directory server configuration on NeoviewAdd Directory ServerCREATE SERVER
Change an existing directory server configurationEdit Directory ServerALTER SERVER
Remove a directory server configurationDelete button on Directory
Servers display
DROP SERVER
List some or all attributes of one or more directory server
configurations
Directory Servers display (on
Security tab)
INFO SERVER
In most cases, HPDM is the tool of choice for this set of tasks, because it consistently presents as
options only parameters valid for a specific type of server. NCI commands do not validate the
contents of the configuration description text file, so some configuration errors become evident
only at runtime.
LDAP server configuration functions can be performed only by SECURITYMGR or another user
who has the predefined role ROLE.SECMGR.
Attributes of Directory Server Configurations
Each directory-server configuration potentially includes the following attributes. If you use
HPDM to define a directory server, all these parameters are required; if you use NCI, only
domainName and UsagePri are required, but any attributes you omit from the NCI CREATE
SERVER command will not be reflected the corresponding row of the HPDM Directory Servers
display.
The Neoview platform also includes a default configuration entry, associated with the domain
name default; if you omit an optional attribute when you use NCI to configure an LDAP server,
or if you include an attribute and assign it the value default, the corresponding value from
the default configuration is used at runtime.
If you omit a required parameter from a server configuration command, the command is rejected.
NCI displays an error message indicating a syntax error and where it occurred, as in the following
example:
SQL>.sec create server mydomain1 port 10;
*** ERROR[29460] A syntax error occurred at or before:
create server mydomain1 port 10
^
78 LDAP Server Configuration on Neoview