Symbols

-, in change operation 167

Numerics

2.x servers
  linking to 27

A

access control 71
  "administrators" group 40
  administrators group 27
  choosing what to protect 71
  custom expressions 78
  date restrictions 78
  described 67-71
  distributed administration and 40
  entries (ACEs) 70
  files 69
  hostnames 75
  hostnames and IP addresses 67
  IP addresses 75
  list (ACLs) 70
  Not Found message 79
  programs 76
  redirection 79
  response when denied 79
  restricting 71
  superuser 27
  time restrictions 78
  turning off 78
  users and groups 67, 73
access log 40
  example 41
  viewing 41
ACE See access control 70
ACLs
  distributed administration and 40
ACLs See access control 70
Admin server user 36
admin-defaults.acl 69
administration server
  accessing 20
  logging on 27
  new features (3.x) 24
  security and 102
  stopping 32
  superuser 27
  system user for 36
  URL for 20
administrators group 27
admin-serv.acl 69
admpw file 39
agent, SNMP 44
agents
  SNMP 44, 53
aliases
  creating 105
  defined 105
  listing 106
  removing 106
approximate search 147, 153, 161, 184
attribute type field (LDIF) 192
attribute value field (LDIF) 192
attributes
  modifying values 168
  overview 201
  reference 222-248
  See also individual attribute names
authentication
  client 89
  defined 83
  dialog box for 68
  hostnames 69
  server 89
  users and groups 68
authentication certificates 88

B

Boolean operators, for search filters 184
browsers
  requirements for 16
businessCategory attribute 223

C

c attribute (DN) 130
carLicense attribute 223
CAs 88
  trusted list 93
  trusting 113
certificate authority 104
certificate request, information needed 111
certificates 83, 88
  certmap.conf and 95
  client 93
  client mapping
    examples 98
  converting 2.x,converting 2.x certificates 115
  deleting 106, 114
  distinguished name 112
  installing 112
  key-pair files and 106
  managing 114
  mapping to LDAP entries 94
  requesting 109
  trusting 113
  viewing information 114
certificates, chaining 91
Certification Authorities 88
certmap.conf 95
chaining certificates 91
changeLogMaximumAge attribute 223
changeLogMaximumSize attribute 224
changetype
  add 167
  delete 168
  modify 168
  modrdn 168
ciphers 117-119
  defined 86
  list of 117
ciphertext 83
client authentication 89
  explained 90
client certificates 93
clusters 59-66
  adding servers to 62
  configuring 62
  defined 59
CmapLdapAttr 97
cn attribute (DN) 130
comma, between DN attributes 128
command line
  providing input from 176
command-line tools
  LDAP and 126
  ldapmodify 126
  ldapsearch tool 126
commonName attribute 224
CONFIG file 50
  sample 50
configuration
  multiple servers and 62
configurations, sharing 60
"contains" search 147, 153, 161
controlling access to the server 71
conventions, used in this book 15
conversion
  user databases 137
country object class 207
countryName attribute 224
cron controls 43

D

daemon
  SNMP
    restarting 54
dash, in change operation 167
database
  creating using LDIF 193
  updating 166
databases
  converting to 3.x 137
decryption 83
  keys 84
deleting certificates 114
departmentNumber attribute 224
description attribute 224
directories
  protecting access to 71
directory services 123
directory trees
  finding entries in 186
distinguished name 112
distinguished names
  attributes for 130
  commas (,) in 131
  components of 127
  defined 127
  examples of 129
  mapping certificates to LDAP entries 94
  order of components 129
  overview 127
  syntax for 128
distributed administration 27-32
  administrators group 27
  configuring 38
  groups
    ACLs and 40
dn field (LDIF) 192
DN See distinguished names 127
DN, See distinguished name
DNComps 96

E

employeeNumber attribute 225
employeeType attribute 225
encryption 83
  keys 84
  public-key 84
  signing files 86
  symmetric 84
end of file marker 176
end users 27
"ends with" search 147, 153, 161
entries
  modifying 172
  order of creation 169
  root 193
  working with 165
EOF marker 176
equality search 183
  example 185
error log 40
  example 42
  viewing 42
exact match search 147, 153, 161

F

facsimileTelephoneNumber attribute 225
features, new 24
files
  access control 69
  certmap.conf 95
  ns-admin.conf 119
  protecting access to 71
  searchdb 189, 190
  slapd.oc.conf 201
FilterComps 96
fonts
  monospaced, used in this book 15
  used in this book 15
forms
  restricting access to 76

G

General Administration 23
generation attribute 225
givenName attribute 225
greater than or equal to search 183
Group.ldi 138
GroupDel.ldif 138
GroupDup.ldi 138
GroupMod.ldif 138
groupOfNames object class 203
groupOfUniqueNames object class 203
groups
  authentication 68
  restricting access 67

H

homePostalAddress attribute 226
homeTelephoneNumber attribute 225
hostnames
  authentication 69
  restricting access 67
  restricting superuser access with 37
HTTPS 116
  SSL and 116

I

id field (LDIF) 192
importdb 138
inetOrgPerson object class 212
InitFn 97
initials attribute 226
installation
  preparation 25
integrity 83
IP addresses
  restricting access 67
  restricting superuser access with 37
"is not" search 147, 153, 161
"is" search 147, 153, 161

J

JavaScript, enabling 16
jpegPhoto attribute 226

K

key pairs
  generating 106
key-pair files
  aliases and 105
  generating 106
  passwords and 108
keys 84
  generating 106
  private 84
  public 84
  session 101

L

l attribute (DN) 130
labeledURI attribute 226
LDAP
  access control and 28
  certificates and 93
  command-line tools 126
  defined 124
  gateways 126
  local database 124
  local directory 124
  mapping client certificates 94
  structure 131
  tree 131
LDAP Data Interchange Format (LDIF)
  creating databases using 193, ??-196
  entry format 191
  example 196
  line continuation 192
  update statements 166
ldapmodify tool 126
ldapmodify utility
  example of use 178, 179
  parameters 177
LDAPReplica object class 205
ldapsearch tool 126
ldapsearch utility
  example of use 189
  parameters 186-190
  search filters 182
LDAPServer object class 204
LDIF entries
  creating 194-196
LDIF files 137
LDIF update statements 166-??, 172
  change types 167
  format of 166
  functions of 166
less than or equal to search 183
Library 97
Lightweight Directory Access Protocol See LDAP 124
local database 124
  configuring 135
  limitations 125
  structure (planning) 131
local directory 124
  configuring 135
  limitations 125
  structure (planning) 131
locality object class 207
localityName attribute 227
log files
  access log 40
  error log 40
logging on 27

M

mail attribute 227, 228, 229, 230, 231, 232, 233, 234
managed device 44
manager attribute 230
managing certificates 114
master agent, SNMP 44
  installing 49
  starting 51
member attribute 230
message integrity
  signing files 86
MIB 47
  hierarchy 44
    graphic 45
MIB tree, figure 45
MIB, Netscape 47
migrating a server 139
mobileTelephoneNumber attribute 234
monospaced fonts
  used in this book 15
multiple search filters 184

N

navigators
  requirements for 16
Netscape Communicator 16
Netscape cron 43
Netscape Directory Server, using with the administration server 124
Netscape MIB 47
Netscape Navigator 16
network settings 36
NMS, defined 44
Not Found message, access control and 79
ns-admin.conf 119

O

o attribute (DN) 130
object class
  overview 201
  reference 202-221
  See also individual object class names
objectClass field (LDIF) 192
organization object class 208
organizational person, specifying entries for 194
organizational units 132
organizationalPerson object class 211
organizationalUnit object class 209
organizationalUnitName attribute 242
organizationName attribute 241
other servers (2.x) 27
ou attribute (DN) 130
overview of this manual 13
owner attribute 242

P

pagerTelephoneNumber attribute 242
passwords
  authentication 68
  file that store 39
  key-pair files and 108
  superuser 39
person object class 210
physicalDeliveryOfficeName attribute 242
port numbers 36
postalAddress attribute 235, 242, 246
postalCode attribute 243
postOfficeBox attribute 243
preferredDeliveryMethod attribute 243
presence search 184
  example 185
prime numbers 87
private key 104
private keys 84
  generating 106
programs
  access control 76
proxy agent, SNMP 53
  installing 53
  starting 54
public key 104
public keys 84
  generating 106
public-key encryption 84

Q

quotation marks, in parameter values 176, 186

R

redirection (access control) 79
relative distinguished name
  modifying 168
replicaBinddn attribute 243
replicaBindMethod attribute 243
replicaCredentials attribute 244
replicaHost attribute 244
replicaPort attribute 244
replicaRoot attribute 244
replicaUpdateFailedAt attribute 244
replicaUpdateReplayed attribute 244
replicaUpdateSchedule attribute 245
replicaUseSSL attribute 245
restricting access 71
roomNumber attribute 245
root
  entry creation 193

S

schema
  overview 197-202
search filters 182-186
  Boolean operators 184
  examples 185
  specifying file 188
  syntax 182
  using multiple 184
search types, list of 183
searchdb file 189, 190
searches
  approximate 184
  equality 183, 185
  greater than or equal to 183
  less than or equal to 183
  of directory tree 186
  presence 184, 185
  specifying scope 187
  substring 183
secretary attribute 245
Secure Sockets Layer (SSL) 81
security
  authentication and 83
  encryption and 83
  increasing 101
  integrity and 83
  keys 84
Security directive 119
security issues 81
seeAlso attribute 245
Server Administration button 24
Server Administration page 21
  2.x servers and 27
server authentication 89
  explained 89
Server Manager forms 22-24
ServerCert directive 120
ServerKey directive 120
servers
  configuring multiple 62
  migrating 139
  removing 35
  restricting access to 71
  security issues for 81
  sharing configurations 60
  trusted CAs and 93
session keys 85, 101
signing files 86
slapd.oc.conf file 201
SNMP 44-57
  agents, installing 48
  community strings, adding 55
  community strings, configuring 55
  community strings, editing 55
  community strings, removing 56
  configuring 44
  daemon
    restarting 54
  master agent 44
    installing 49
    starting 51
  proxy agent 53
    installing 53
    starting 54
  subagent 44
  subagents
    installing 54
  trap destinations, adding 56
  trap destinations, configuring 56
  trap destinations, editing 57
  trap destinations, removing 57
"sounds like" search 147, 153, 161
spoofing 82
sr2x file 27
SSL
  information needed to enable 111
  preparation for 101
  signing files 86
SSL 2.0 117
SSL-enabled browsers 81
st attribute (DN) 131
"starts with" search 147, 153, 161
stateOrProvinceName attribute 246
stopping the administration server 32
street attribute (DN) 131
streetAddress attribute 247
styles, in this book 15
subagent, SNMP 44
subagents, SNMP
  installing 54
substring search 147, 153, 161, 183
subtreeACI attribute 247
SuiteSpot
  defined 14
  installation 25
  system user 25
superuser
  access control 37
  defined 27
  settings 37
surname attribute 247
symmetric encryption 84
system user 36

T

Technical Support 17
telephoneNumber attribute 247
terms used in this book 15
terms, in this book 15
title attribute 247
trusting certificates 113
typestyles used in this book 15

U

uid attribute (DN) 130
upgrading a server 139
URLs
  SSL-enabled servers and 116
User.ldif 138
UserDel.ldif 138
UserDup.ldif 138
user-environment.acl 69
userid attribute 247
userPassword attribute 248
users
  authentication 68
  restricting access 67
  superuser 27

V

verifycert 97

W

white space
  between DN attributes 128

X

X.500 standard 128, 198