Manualshelf

HP-UX Directory Server 8.1 configuration, command, and file reference

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
21222324252627282930
Members of local Directory Administrators group.
The SIE (Server Instance Entry) group, usually assigned using the Set Access Permissions
process the main console.
For more information on access control, see the HP-UX Directory Server administrator guide.
2.2.2 Changing configuration attributes
Server attributes can be viewed and changed in one of three ways: through the Directory Server
Console, by performing ldapsearch and ldapmodify commands, or by manually editing the
dse.ldif file.
NOTE:
You must stop the server before editing the dse.ldif file; otherwise, the changes are lost.
Editing the dse.ldif file is recommended only for changes to attributes which cannot be altered
dynamically. See “Configuration changes requiring server restart” for further information.
The following sections describe how to modify entries using LDAP (both by using Directory
Server Console and by using the command line), the restrictions that apply to modifying entries,
the restrictions that apply to modifying attributes, and the configuration changes requiring
restart.
2.2.2.1 Modifying configuration entries using LDAP
The configuration entries in the directory can be searched and modified using LDAP either
through the Directory Server Console or by performing the ldapsearch and ldapmodify
operations in the same way as other directory entries. The advantage of using LDAP to modify
entries is changes can be made while the server is running.
For further information, see the chapter titled “Creating Directory Entries” in the HP-UX Directory
Server administrator guide. However, certain changes do require the server to be restarted before
they are taken into account. See “Configuration changes requiring server restart” for further
information.
NOTE:
As with any set of configuration files, care should be taken when changing or deleting nodes in
the cn=config subtree as this risks affecting Directory Server functionality.
The entire configuration, including attributes that are set to default values, can be viewed by
performing an ldapsearch operation on the cn=config subtree:
# ldapsearch -b cn=config -D bindDN -w password
Where:
bindDN
is the DN chosen for the Directory Manager when the server was installed
(cn=Directory Manager by default).
password
is the password chosen for the Directory Manager.
For more information on using the ldapsearch command, see “ldapsearch”.
To disable a plug-in, use the ldapmodify command to edit the nsslapd-pluginEnabled
attribute:
# ldapmodify -D "cn=directory manager" -w password
dn: cn=Telephone Syntax,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginEnabled
nsslapd-pluginEnabled: off
2.2 Accessing and modifying server configuration 21