LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

241

242

243

244

245

246

247

248

249

250

or "proxy anonymous". "proxy" means use the configured

proxy user. "anonymous" means use anonymous access.

"proxy anonymous" means use the configured proxy user

and if that fails, bind anonymously. If this attribute has no

value, "anonymous" is the default.

defaultSearchBase

is the base DN where clients can find name service

information, for example ou=hpusers,o=hp.com. This

attribute must have a value.

defaultServerList

is a list of one or more host IP addresses and optional port

numbers where LDAP directory servers are running. Each

host is searched in the order given. The LDAP-UX client

searches the servers until it finds one that responds,

defaultServerList is used only if the preferedServerList

attribute has no value, or if none of the specified servers in

preferredServerList responds the client request. If neither

defaultServerList nor preferredServerList specifies a host,

the LDAP-UX client does not try to connect to any LDAP

directory server. See preferredServerList below.

For example, 15.10.120.150:300 is the host at IP address

15.10.120.150 using port number 300. When specifying

multiple hosts, each host:port entry must be separated by a

space.

followReferrals

specifies whether or not referrals should be followed. If the

entry is 0 (zero) or FALSE, referrals will not be followed. If

the attribute has no value, any other numeric value, or TRUE

referrals will be followed.

preferredServerList

is a list of one or more host IP addresses and optional port

numbers where LDAP directory servers are running. Each

host is searched in the order given. If this attribute has no

value, or if none of the specified servers satisfies the client's

request, the defaultServerList is used. See defaultServerList

for more information.

For example, 15.13.128.145:250 is the host at IP address

15.13.128.145 using port number 250. When specifying

multiple hosts, each host:port entry must be separated by a

space.

profileTTL

is the recommended time interval before refreshing the

cached configuration profile.

searchTimeLimit

is how long, in seconds, a client should wait for directory

searches before aborting. 0 (zero) means no time limit. If this

attribute has no value, the default is no time limit.

serviceSearchDescriptor

is one to three custom search descriptors for each service.

The format is Service:BaseDN?Scope?(Filter) where

Service is one of the supported services passwd, group,

shadow, or pam. BaseDN is the base DN at which to start

searches. Scope is the search scope and can be one of the

following: one, base, sub. Filter is an LDAP search filter,

typically the object class. Each service can have up to three

custom search descriptors.

For example, the following defines a search descriptor for

the passwd service specifying a baseDN of

ou=people,ou=unix,o=hp.com, a search scope of sub,

and a search filter of the posixAccount object class.

passwd:ou=people,ou=unix,o=hp.com?sub?(objectclass=posixAccount)

246 LDAP-UX Client Services Object Classes