LDAP failover server properties, 51 LDAP schema properties section components – HP Secure Key Manager User Manual

Table 51 LDAP Schema Properties section components

Component

Description

User Base DN

The base distinguished name (DN) from which to begin the search for usernames.

User ID Attribute

The attribute type for the user on which to search. The attribute type you choose must result in globally unique users.

User List Filter

The search filter for users, for example:
(& (objectClass=user) (objectCategory=person))
To specify all, use
(objectClass=*)

Group Base DN

The base DN from which to begin the search for groups.

Group ID Attribute

The attribute type for the group on which to search.

Group List Filter

The search filter for groups, for example:
(objectClass=group)

Group Member Attribute

The Group Member Attribute is the attribute that is used to search for a user within a group, for example, member. The format of the Group Member attribute may be a user ID or a DN and is determined by the next setting.

Group Member Attribute Format

The Group Member attribute can take one of two formats:

User ID

User DN

Search Scope

The Search Scope determines how deep within the LDAP user directory the KMS Server searches for a user or group.

One Level: search only the children of the base node.

Subtree: search all the descendants of the base node. Depending on the size of your LDAP directory, this can be very inefficient.

NOTE: The LDAP protocol supports four search scopes: base, one level, subtree and children. The KMS Server allows you to specify only one level and subtree at this time. You should note that subtree includes base and children, so by specifying subtree, the search scope includes subtree, base, and children.

Edit

Click Edit to modify the properties.

Clear

Click Clear to remove the current properties.
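
How the Search Scope, User ID Attribute uniqueness and Group Member Attribute Format settings in Table 51 interact, shown as an added Python example that is not taken from the HP manual or from SKM code. It runs over a constructed in-memory directory (the dc=example,dc=com entries and all helper names are assumptions) and fails closed when a user ID matches more than one entry.

```python
# Added illustration: a constructed in-memory directory, not SKM code.
# Assumption: simplified DNs (no escaped commas), compared case-insensitively.
DIRECTORY = {  # constructed sample entries: DN -> attributes
    "ou=people,dc=example,dc=com": {"objectClass": ["organizationalUnit"]},
    "uid=alice,ou=people,dc=example,dc=com": {"objectClass": ["user"], "uid": ["alice"]},
    "uid=bob,ou=people,dc=example,dc=com": {"objectClass": ["user"], "uid": ["bob"]},
    "uid=alice,ou=contractors,ou=people,dc=example,dc=com": {"objectClass": ["user"], "uid": ["alice"]},
    "cn=keyadmins,ou=groups,dc=example,dc=com": {
        "objectClass": ["group"], "cn": ["keyadmins"],
        "member": ["uid=bob,ou=people,dc=example,dc=com"]},  # members stored as User DN
    "cn=auditors,ou=groups,dc=example,dc=com": {
        "objectClass": ["group"], "cn": ["auditors"], "member": ["alice"]},  # stored as User ID
}

def rdns(dn):
    """Split a DN into normalized components, leaf first."""
    return [part.strip().lower() for part in dn.split(",")]

def in_scope(dn, base, scope):
    """one_level: direct children of base only; subtree: base and all descendants."""
    entry, root = rdns(dn), rdns(base)
    if len(entry) < len(root) or entry[len(entry) - len(root):] != root:
        return False
    return scope == "subtree" or len(entry) - len(root) == 1

def find_users(base, scope, id_attr, user_id, object_class="user"):
    """Return the DNs of every in-scope entry whose id_attr equals user_id."""
    return sorted(dn for dn, attrs in DIRECTORY.items()
                  if in_scope(dn, base, scope)
                  and object_class in attrs.get("objectClass", [])
                  and user_id in attrs.get(id_attr, []))

def resolve_user(base, scope, id_attr, user_id):
    """Fail closed unless exactly one entry matches (the uniqueness requirement)."""
    matches = find_users(base, scope, id_attr, user_id)
    if len(matches) != 1:
        raise LookupError(f"{user_id!r}: {len(matches)} matches under {scope}")
    return matches[0]

def is_member(group_dn, member_attr, member_format, user_id, user_dn):
    """member_format is 'user_id' or 'user_dn', mirroring the two formats above."""
    values = [",".join(rdns(v)) for v in DIRECTORY[group_dn].get(member_attr, [])]
    wanted = user_id if member_format == "user_id" else user_dn
    return ",".join(rdns(wanted)) in values
```

With the sample data, widening the scope from One Level to Subtree turns a unique `uid=alice` into two matches, and choosing the wrong member format makes a real group member look like a non-member.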

LDAP Failover Server Properties

Use the LDAP Failover Server Properties section to define a backup LDAP server to use in case the main LDAP server becomes inaccessible due to a non-timeout error. When the primary LDAP server is down, the SKM shifts to the failover LDAP server and periodically retries the main server to see if it has become accessible again.

Figure 72 Viewing the LDAP Failover Server Properties section

The following table describes the components of the LDAP Failover Server Properties section.
