Red Hat Directory Server 8.0 Administrator's Guide
Variable Definition
subtree The pass-through subtree. The PTA Directory
Server passes through bind requests to the
authenticating Directory Server from all clients
whose DN is in this subtree. See Section 3.4,
“Specifying the Pass-through Subtree” for
more information. This subtree must not exist
on this server. To pass the bind requests for
o=NetscapeRoot to the configuration
directory, the subtree o=NetscapeRoot must
not exist on the server.
maxconns Optional. The maximum number of
connections the PTA directory can
simultaneously open to the authenticating
directory. The default is 3. See Section 3.5,
“Configuring the Optional Parameters” for
more information.
maxops Optional. The maximum number of
simultaneous operations (usually bind
requests) the PTA directory can send to the
authenticating directory within a single
connection. The default is 5. See Section 3.5,
“Configuring the Optional Parameters” for
more information.
timeout Optional. The time limit, in seconds, that the
PTA directory waits for a response from the
authenticating Directory Server. If this timeout
is exceeded, the server returns an error to the
client. The default is 300 seconds (five
minutes). Specify zero (0) to indicate no time
limit should be enforced. See Section 3.5,
“Configuring the Optional Parameters” for
more information.
ldver Optional. The version of the LDAP protocol
used to connect to the authenticating
directory. Directory Server supports LDAP
version 2 and 3. The default is version 3, and
Red Hat strongly recommends against using
LDAPv2, which is old and will be deprecated.
See Section 3.5, “Configuring the Optional
Parameters” for more information.
connlifetime Optional. The time limit, in seconds, within
which a connection may be used. If a bind
request is initiated by a client after this time
Chapter 17. Using the Pass-through Authentication Plug-in
494