Installation guide
Table Of Contents
- Gateway Customization Guide
- Contents
- Preface
- Introduction
- Setting Up the Gateway
- Gateway Installation Planning
- HTTP Server Configuration
- Creating a New Gateway Instance
- Gateway .conf File Configuration
- Configuring Gateway Clients
- Gateway Localization
- File Controlling Gateway Functionality
- Editing Entry Types
- Search Attributes, Filters, and Results
- Customizing Graphics and Color
- Parameters Defined in the .conf File
- Gateway Directives
- Introduction
- Context-Related Directives
- Entry-Related Directives
- DS_ENTRYBEGIN
- DS_ENTRYEND
- DS_ATTRIBUTE
- DS_OBJECTCLASS
- DS_VIEW_SWITCHER
- DS_SORTENTRIES
- DS_SEARCHDESC
- DS_POSTEDVALUE
- DS_EDITBUTTON
- DS_DELETEBUTTON
- DS_SAVEBUTTON
- DS_EDITASBUTTON
- DS_NEWPASSWORD
- DS_CONFIRM_NEWPASSWORD
- DS_OLDPASSWORD
- DS_HELPBUTTON
- DS_CLOSEBUTTON
- DS_BEGIN_ENTRYFORM
- DS_END_ENTRYFORM
- DS_EMIT_BASE_HREF
- DS_DNEDITBUTTON
- DS_BEGIN_DNSEARCHFORM
- DS_ATTRVAL_SET
- IF/ ELSE/ ELIF/ ENDIF
- Miscellaneous Directives
- CGI Usage
- Index
- List of Tables
Gateway .conf File Configuration
38 Red Hat Directory Server Gateway Customization Guide • April 2005
It is strongly recommended that you use a different directory manager account for the
gateway, an account other than
cn=Directory Manager. Once you setup the new
directory manager account (for example,
cn=gateway manager,cn=config), use
ACLs to restrict access to applicable sub suffixes and the user entries under those sub
suffixes. This enables the gateway directory manager to change those users’ passwords but
prevents the entry from having complete control of the Directory Server.
Configuring the Directory Manager DN
Use this procedure to configure the gateway Directory Manager to reference the correct
DN:
1. Create an entry for the gateway Directory Manager, making sure to set a password for
the entry.
2. Set the permissions for the Directory Manager so that it has read and write authority
for the entries it will manage.
3. When necessary, change the dirmgr parameter to refer to the Directory Manager’s
distinguished name (DN).
The
dirmgr parameter is described in “dirmgr,” on page 95. Creating directory entries is
described in the Red Hat Directory Server Administrator’s Guide.
Authenticating as Directory Manager
Figure 2-1 shows the authentication login screen for the default gateway. Administrators
can use it to authenticate as the Directory Manager. The Authenticate as Directory
Manager button is displayed only when a Directory Manager has been configured for the
gateway.
The
authlifetime parameter, which defines the number of seconds that a user may
remain authenticated, is described in “location,” on page 98.
NOTE For security reasons, set the gateway Directory Manager to an entry other
than
cn=Directory Manager.
NOTE End users frequently forget their passwords, so give the gateway Directory
Manager write access to the
userPassword attribute for the entries it will
manage.