Installation guide

Chapter 2 Setting Up the Gateway
Protecting Bind DN and Password
The gateway configuration files reference files that contain sensitive information, including the file named by the binddnfile parameter, which contains the bind DN and bind password used to permit non-anonymous searching of the directory. The binddnfile should not be stored under the gateway configuration directory (serverRoot/clients/dsgw) or in any directory that is served up over HTTP.
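
The placement rule above can be checked mechanically. The following is an added example, not part of the original guide or the product: it assumes gateway configuration lines have the form "binddnfile <path>", uses a constructed path (/opt/example-ds) in place of serverRoot, and adds a file-permission check that the guide itself does not mention.

```python
import os
import stat

def binddnfile_paths(conf_text):
    """Return the value of every binddnfile line in a gateway config file."""
    paths = []
    for line in conf_text.splitlines():
        fields = line.split(None, 1)  # assumed layout: "<parameter> <value>"
        if len(fields) == 2 and fields[0] == "binddnfile":
            paths.append(fields[1].strip().strip('"'))
    return paths

def is_under(path, root):
    """True if path resolves (symlinks followed) to root or a location below it."""
    path, root = os.path.realpath(path), os.path.realpath(root)
    return os.path.commonpath([path, root]) == root

def audit_binddnfile(conf_text, served_roots):
    """Return (path, reason) findings for each binddnfile named in conf_text."""
    findings = []
    for path in binddnfile_paths(conf_text):
        for root in served_roots:
            if is_under(path, root):
                findings.append((path, "inside served directory " + root))
        if os.path.exists(path):
            # Extra check, not from the guide: any group/other permission bits.
            mode = stat.S_IMODE(os.stat(path).st_mode)
            if mode & (stat.S_IRWXG | stat.S_IRWXO):
                findings.append((path, "group/other access (mode %o)" % mode))
    return findings

# Constructed sample; /opt/example-ds stands in for serverRoot.
SAMPLE_CONF = """\
dirmgr "cn=Directory Manager"
binddnfile /opt/example-ds/clients/dsgw/binddn.txt
"""

if __name__ == "__main__":
    roots = ["/opt/example-ds/clients/dsgw"]
    for path, why in audit_binddnfile(SAMPLE_CONF, roots):
        print(path, "->", why)
```

Pass every directory the HTTP server exposes in served_roots, not only the gateway configuration directory; because paths are resolved first, a symbolic link that points back into a served directory is also reported.
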
Protecting Root Processes on UNIX Systems
On UNIX systems, it is not advisable to run the gateway from a Red Hat Administration Server that is also running a server process as root. This may expose sensitive information about the configuration of your Directory Servers.
Updating the Gateway with Changes to Directory Server Configuration
Directory Server Gateway includes a script, updatedsgw, that can be used to update all gateway instances with changes to the Directory Server configuration, including changes to Directory Server port, host, suffix, and root DN (the ability to update the suffix is not available in the server administration console). The updatedsgw script is stored in the serverRoot/bin/slapd/admin/bin directory.
Changes made to the Directory Server configuration (dse.ldif) by the Red Hat Console are posted to updatedsgw, and the relevant gateway files are updated. These files will be updated only when the host and port for the gateway match the host and port of the Directory Server.
HTTP Server Recommendations for Directory Server Gateway
The Red Hat Administration Server is the default HTTP server for the two gateway clients
that are installed with the Directory Server. Both Directory Express and the default gateway
are preconfigured to run under the Administration Server without additional setup.
NOTE: The Directory Server’s root DN (the Directory Server’s superuser) must match the value of the gateway’s dirmgr parameter.