Manualshelf

HP-UX Directory Server 8.1 configuration, command, and file reference

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
31323334353637383940
DescriptionDigitDescriptionDigit
Read and write
6
Write only
2
Read, write, and execute
7
Write and execute
3
In the 3-digit number, the first digit represents the owner's permissions, the second digit represents
the group's permissions, and the third digit represents everyone's permissions. When changing
the default value, remember that 000 does not allow access to the logs and that allowing write
permissions to everyone can result in the logs being overwritten or deleted by anyone.
The newly configured access mode takes effect immediately for any open log file, as well as for
any log files that are created subsequently.
NOTE:
Any umask set for the runtime user of the Directory Server causes the effective mode to be more
restrictive.
DescriptionParameter
cn=configEntry DN
000 through 777Valid Range
600Default Value
IntegerSyntax
nsslapd-auditlog-mode: 600Example
2.3.1.34 nsslapd-certdir (Certificate and key database directory)
This is the full path to the directory holding the certificate and key databases for a Directory
Server instance. This directory must contain only the certificate and key databases for this instance
and no other instances. This directory must be owned and allow read-write access for the server
user ID. No other user should have read or right access to this directory. The default location is
the configuration file directory, /etc/opt/dirsrv/slapd-instance_name.
Changes to this value will not take effect until the server is restarted.
DescriptionParameter
cn=configEntry DN
Absolute path to any directory which is owned by the server user ID and only allows read
and write access to the server user ID
Valid Values
/etc/opt/dirsrv/slapd-instance_name
Default Value
DirectoryStringSyntax
/etc/opt/dirsrv/slapd-phonebookExample
2.3.1.35 nsslapd-certmap-basedn (Certificate map search base)
This attribute can be used when client authentication is performed using SSL certificates in order
to avoid limitations of the security subsystem certificate mapping, configured in the
certmap.conf file. Depending on the certmap.conf configuration, the certificate mapping
may be done using a directory subtree search based at the root DN. If the search is based at the
root DN, then the nsslapd-certmap-basedn attribute may force the search to be based at
some entry other than the root. The valid value for this attribute is the DN of the suffix or subtree
36 Core server configuration reference