Manualshelf

Red Hat Directory Server 8.0 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Red Hat Directory Server Software
511512513514515516517518519520
userdir.example.com.
3. When the user directory is set up on machine B, the setup script prompts for the LDAP URL
of the configuration directory on machine A.
4. The setup program enables the PTA Plug-in and configures it to use the configuration
directory LDAP URL.
This entry contains the LDAP URL for the configuration directory. For example:
dn: cn=Pass Through Authentication,cn=plugins,
...
nsslapd-pluginEnabled: on
nsslapd-pluginarg0: ldap://configdir.example.com/o=NetscapeRoot
...
The user directory is now configured to send all bind requests for entries with a DN
containing o=NetscapeRoot to the configuration directory configdir.example.com.
5. When installation is complete, the admin user attempts to connect to the user directory to
begin adding users.
6. The setup program adds the admin user's entry to the directory as uid=admin,
ou=TopologyManagement,o=NetscapeRoot. So the user directory passes the bind request
through to the configuration directory as defined by the PTA Plug-in configuration.
7. The configuration directory authenticates the user's credentials and sends the information
back to the user directory.
8. The user directory allows the admin user to bind.
2. PTA Plug-in Syntax
PTA Plug-in configuration information is specified in the cn=Pass Through
Authentication,cn=plugins,cn=config entry on the PTA directory (the user directory
configured to pass through bind requests to the authenticating directory) using the required PTA
syntax. There are only two attributes in this entry that are significant:
nsslapd-pluginEnabled, which sets whether the plug-in is enabled or disabled. The value for
this attribute can be on or off.
nsslapd-pluginarg0, which points to the configuration directory. The value for this attribute is
the LDAP URL of the server and suffix to which to pass the bind requests, along with the
optional parameters, maxconns, maxops, timeout, ldver, connlifetime.
The variable components of the PTA plug-in syntax are described in Table 17.1, “PTA Plug-in
Parameters”.
Chapter 17. Using the Pass-through Authentication Plug-in
492