Manualshelf

HP-UX Directory Server 8.1 administrator guide

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
51525354555657585960
NOTE:
When the database link and remote server are configured to communicate using SSL,
this does not mean that the client application making the operation request must also
communicate using SSL. The client can bind using a normal port.
SASL/DIGEST-MD5
This requires the standard port to connect to the server. Like simple authentication, this
requires only the bind DN and password to authenticate.
SASL/GSSAPI
This also requires the standard LDAP connection because the Directory Server does
not support using GSS-API over TLS/SSL.
The local server must have a Kerberos keytab (as in About the KDC server and
keytabs”), and the remote server must have a SASL mapping to map the local server's
principal to the real user entry (as in “Configuring SASL identity mapping from the
console”).
6. In the Remote Server Information section, select the connection type for the local server
to use to connect to the remote server. There are three options:
Use LDAP
This sets either a standard, unencrypted connection or allows SASL authentication,
because Directory Server supports SASL over standard LDAP but not SSL.
Use TLS/SSL
This uses a secure connection over the server's secure LDAPS port, such as 636. This
setting is required to use TLS/SSL, but it cannot be set if the authentication will be
performed with SASL.
When using TLS/SSL, make sure the remote server's port number is set to its secure
port.
Use Start TLS
This uses Start TLS to establish a secure connection over the server's standard port.
7. In the Remote Server Information section, fill in the name and port number for the remote
server.
For any failover servers, fill in the host name and port number, and click the Add button.
A server is a backup server, so that if the primary remote server fails, the database link
contacts the first server in the failover servers list and cycles through the list until a server
is accessed.
The new database link is listed under the suffix, in place of the database.
56 Configuring directory databases