Manualshelf

HP-UX Directory Server 8.1 administration server guide

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
11121314151617181920
o=NetscapeRoot
changetype:modify
replace:nsAdminAccessAddresses nsAdminAccessAddresses:72.5.*.*
Click Enter twice to submit the operation, then Ctrl-C to close ldapmodify.
The nsAdminAccessAddresses value can use wildcards to allow ranges. For example,
to allow all IP addresses:
nsAdminAccessAddresses:*
To allow only a subset of addresses on a local network:
nsAdminAccessAddresses:192.168.123.*
3. To set host name or domain-based restrictions, edit the nsAdminAccessHosts attribute.
ldapmodify -D "cn=directory manager" -w secret -p 389 -h server.example.com
dn: cn=configuration, cn=admin-serv-example, cn=HPDS Administration
Server, cn=Server Group, cn=server.example.com, ou=example.com,
o=NetscapeRoot
changetype:modify
replace:nsAdminAccessHosts
nsAdminAccessHosts:*.example.com
Click Enter twice to submit the operation, then Control+C to close ldapmodify.
4. Restart the Admin Server to apply the changes.
/opt/dirsrv/sbin/restart-ds-admin
2.7 Changing the admin user's name and password
During installation, you are asked to enter a username and password for the Configuration
Administrator, the user authorized to access and modify the entire configuration directory.
The Configuration Administrator entry is stored in the directory under the following DN:
uid=userID,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
The Configuration Administrator's username and password are managed through the Directory
Server and are represented in an LDAP entry; this is described in the HP-UX Directory Server
administrator guide.
During installation, the Configuration Administrator's username and password are used to
automatically create the Administration Server Administrator. This user can perform
a limited number of administrative tasks, such as starting, stopping, and restarting servers in a
local server group. The Administration Server Administrator is created for the purpose of logging
into the Console when the Directory Server is not running.
The Administration Server Administrator does not have an LDAP entry; it exists only as an entity
in a local configuration file, /etc/opt/dirsrv/admin-serv/admpw.
Even though they are created at the same time during installation, and are identical at that time,
the Configuration Administrator and Administration Server Administrator are two separate
entities. If you change the username or password for one in the Console, the Console does not
automatically make the same changes for the other.
The Administration Server Administrator has full access to all configuration settings in the Admin
Server. The information for the admin user is set on the Access tab in the Console.
2.7 Changing the admin user's name and password 17