HP XP P9000 Command View Advanced Edition Suite Software 7.6.1-00 Administrator Guide
server, in the host attribute specify the same host name as the value of CN in the LDAP directory
server certificate. You cannot use an IP address.
Table 42 Setup items in the exauth.properties file for RADIUS authentication (when an external authorization server and StartTLS are used for communication)

| Property | Details |
|---|---|
| auth.ocsp.enable | Specify whether or not to verify the validity of an LDAP directory server's electronic signature certificate by using an OCSP responder or a CRL when the LDAP directory server and StartTLS are used for communication. If you want to verify the validity of certificates, specify true. To not verify the validity of certificates, specify false. Default value: false |
| auth.ocsp.responderURL | Specify the URL of an OCSP responder if you want to use an OCSP responder that is not the one written in the AIA field of the electronic signature certificate to verify the validity of the electronic signature certificate. If this value is omitted, the OCSP responder written in the AIA field is used. Default value: None |
Table 43 Setup items in the exauth.properties file for RADIUS authentication (when using the DNS server to look up information about the external authorization server)

| Attributes | Details |
|---|---|
| protocol | Specify the protocol for connecting to the LDAP directory server. Specifiable values: ldap. Default value: ldap |
| port | Specify the port number of the LDAP directory server. Make sure beforehand that the port you specify is set as the listen port number on the LDAP directory server. Specifiable values: 1 to 65535. Default value: 389 |
| basedn | Specify the BaseDN, which is the DN of the entry that will be used as the start point when searching for LDAP user information on the LDAP directory server. The user entries that are located in the hierarchy below this DN will be checked during authorization. Specify the DN of the hierarchy that includes all of the user entries to be searched. Specify the DN by following the rules defined in RFC4514. For example, if any of the following characters are included in a DN, you need to use a backslash (\) to escape each character: Spaces # + ; , < = > \ If characters that need to be escaped are included in the specified BaseDN, escape all of those characters correctly because the specified value will be passed to the LDAP directory server without change. If you omit this attribute, the value specified in the defaultNamingContext property of Active Directory is assumed as the BaseDN. Default value: none |
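
The escaping rule described for basedn, as an added Python example that is not part of the HP guide or the product: it escapes every character the guide lists, plus the double quote and NUL that RFC 4514 also requires, and shows how an unescaped comma changes the RDNs a directory server would see. The function names and the sample OU are constructed for illustration.

```python
# Added example: RFC 4514 escaping for a BaseDN value (not from the HP guide).
# Characters the guide lists, plus the double quote that RFC 4514 also requires.
SPECIAL = set(' #+;,<=>\\"')

def escape_rdn_value(value: str) -> str:
    """Backslash-escape every listed special character in one attribute value."""
    out = []
    for ch in value:
        if ch == "\x00":
            out.append("\\00")          # RFC 4514: NUL is written as a hex pair
        elif ch in SPECIAL:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def build_dn(rdns):
    """Join (attribute type, raw value) pairs, most specific first, into a DN."""
    return ",".join(f"{attr}={escape_rdn_value(val)}" for attr, val in rdns)

def split_rdns(dn: str):
    """Split a DN at unescaped commas, the way a directory server reads it."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])     # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            parts.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(dn[i])
            i += 1
    parts.append("".join(cur))
    return parts

# Constructed sample: an OU whose name contains a comma, a space and a plus sign.
SAMPLE = [("OU", "Storage, R+D"), ("DC", "example"), ("DC", "com")]

if __name__ == "__main__":
    escaped = build_dn(SAMPLE)
    naive = ",".join(f"{a}={v}" for a, v in SAMPLE)
    print(escaped, len(split_rdns(escaped)))   # three RDNs, as intended
    print(naive, len(split_rdns(naive)))       # four RDNs: the comma split the OU
```

Because the value is passed to the LDAP directory server without change, the unescaped form would make the search start from a different entry than the one intended, or fail outright.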
User account management 140