Symbols
-, in change operation 167
Numerics
2.x servers
linking to 27
A
access control 71
"administrators" group 40
administrators group 27
choosing what to protect 71
custom expressions 78
date restrictions 78
described 67-71
distributed administration and 40
entries (ACEs) 70
files 69
hostnames 75
hostnames and IP addresses 67
IP addresses 75
list (ACLs) 70
Not Found message 79
programs 76
redirection 79
response when denied 79
restricting 71
superuser 27
time restrictions 78
turning off 78
users and groups 67, 73
access log 40
example 41
viewing 41
ACE See access control 70
ACLs
distributed administration and 40
ACLs See access control 70
Admin server user 36
admin-defaults.acl 69
administration server
accessing 20
logging on 27
new features (3.x) 24
security and 102
stopping 32
superuser 27
system user for 36
URL for 20
administrators group 27
admin-serv.acl 69
admpw file 39
agent, SNMP 44
agents
SNMP 44, 53
aliases
creating 105
defined 105
listing 106
removing 106
approximate search 147, 153, 161, 184
attribute type field (LDIF) 192
attribute value field (LDIF) 192
attributes
modifying values 168
overview 201
reference 222-248
See also individual attribute names
authentication
client 89
defined 83
dialog box for 68
hostnames 69
server 89
users and groups 68
authentication certificates 88
B
Boolean operators, for search filters 184
browsers
requirements for 16
businessCategory attribute 223
C
c attribute (DN) 130
carLicense attribute 223
CAs 88
trusted list 93
trusting 113
certificate authority 104
certificate request, information needed 111
certificates 83, 88
certmap.conf and 95
client 93
client mapping
examples 98
converting 2.x certificates 115
deleting 106, 114
distinguished name 112
installing 112
key-pair files and 106
managing 114
mapping to LDAP entries 94
requesting 109
trusting 113
viewing information 114
certificates, chaining 91
Certification Authorities 88
certmap.conf 95
chaining certificates 91
changeLogMaximumAge attribute 223
changeLogMaximumSize attribute 224
changetype
add 167
delete 168
modify 168
modrdn 168
ciphers 117-119
defined 86
list of 117
ciphertext 83
client authentication 89
explained 90
client certificates 93
clusters 59-66
adding servers to 62
configuring 62
defined 59
CmapLdapAttr 97
cn attribute (DN) 130
comma, between DN attributes 128
command line
providing input from 176
command-line tools
LDAP and 126
ldapmodify 126
ldapsearch tool 126
commonName attribute 224
CONFIG file 50
sample 50
configuration
multiple servers and 62
configurations, sharing 60
"contains" search 147, 153, 161
controlling access to the server 71
conventions, used in this book 15
conversion
user databases 137
country object class 207
countryName attribute 224
cron controls 43
D
daemon
SNMP
restarting 54
dash, in change operation 167
database
creating using LDIF 193
updating 166
databases
converting to 3.x 137
decryption 83
keys 84
deleting certificates 114
departmentNumber attribute 224
description attribute 224
directories
protecting access to 71
directory services 123
directory trees
finding entries in 186
distinguished name 112
distinguished names
attributes for 130
commas (,) in 131
components of 127
defined 127
examples of 129
mapping certificates to LDAP entries 94
order of components 129
overview 127
syntax for 128
distributed administration 27-32
administrators group 27
configuring 38
groups
ACLs and 40
dn field (LDIF) 192
DN See distinguished names 127
DN, See distinguished name
DNComps 96
E
employeeNumber attribute 225
employeeType attribute 225
encryption 83
keys 84
public-key 84
signing files 86
symmetric 84
end of file marker 176
end users 27
"ends with" search 147, 153, 161
entries
modifying 172
order of creation 169
root 193
working with 165
EOF marker 176
equality search 183
example 185
error log 40
example 42
viewing 42
exact match search 147, 153, 161
F
facsimileTelephoneNumber attribute 225
features, new 24
files
access control 69
certmap.conf 95
ns-admin.conf 119
protecting access to 71
searchdb 189, 190
slapd.oc.conf 201
FilterComps 96
fonts
monospaced, used in this book 15
used in this book 15
forms
restricting access to 76
G
General Administration 23
generation attribute 225
givenName attribute 225
greater than or equal to search 183
Group.ldi 138
GroupDel.ldif 138
GroupDup.ldi 138
GroupMod.ldif 138
groupOfNames object class 203
groupOfUniqueNames object class 203
groups
authentication 68
restricting access 67
H
homePostalAddress attribute 226
homeTelephoneNumber attribute 225
hostnames
authentication 69
restricting access 67
restricting superuser access with 37
HTTPS 116
SSL and 116
I
id field (LDIF) 192
importdb 138
inetOrgPerson object class 212
InitFn 97
initials attribute 226
installation
preparation 25
integrity 83
IP addresses
restricting access 67
restricting superuser access with 37
"is not" search 147, 153, 161
"is" search 147, 153, 161
J
JavaScript, enabling 16
jpegPhoto attribute 226
K
key pairs
generating 106
key-pair files
aliases and 105
generating 106
passwords and 108
keys 84
generating 106
private 84
public 84
session 101
L
l attribute (DN) 130
labeledURI attribute 226
LDAP
access control and 28
certificates and 93
command-line tools 126
defined 124
gateways 126
local database 124
local directory 124
mapping client certificates 94
structure 131
tree 131
LDAP Data Interchange Format (LDIF)
creating databases using 193, ??-196
entry format 191
example 196
line continuation 192
update statements 166
ldapmodify tool 126
ldapmodify utility
example of use 178, 179
parameters 177
LDAPReplica object class 205
ldapsearch tool 126
ldapsearch utility
example of use 189
parameters 186-190
search filters 182
LDAPServer object class 204
LDIF entries
creating 194-196
LDIF files 137
LDIF update statements 166-??, 172
change types 167
format of 166
functions of 166
less than or equal to search 183
Library 97
Lightweight Directory Access Protocol See LDAP 124
local database 124
configuring 135
limitations 125
structure (planning) 131
local directory 124
configuring 135
limitations 125
structure (planning) 131
locality object class 207
localityName attribute 227
log files
access log 40
error log 40
logging on 27
M
mail attribute 227, 228, 229, 230, 231, 232, 233, 234
managed device 44
manager attribute 230
managing certificates 114
master agent, SNMP 44
installing 49
starting 51
member attribute 230
message integrity
signing files 86
MIB 47
hierarchy 44
graphic 45
MIB tree, figure 45
MIB, Netscape 47
migrating a server 139
mobileTelephoneNumber attribute 234
monospaced fonts
used in this book 15
multiple search filters 184
N
navigators
requirements for 16
Netscape Communicator 16
Netscape cron 43
Netscape Directory Server, using with the administration server 124
Netscape MIB 47
Netscape Navigator 16
network settings 36
NMS, defined 44
Not Found message, access control and 79
ns-admin.conf 119
O
o attribute (DN) 130
object class
overview 201
reference 202-221
See also individual object class names
objectClass field (LDIF) 192
organization object class 208
organizational person, specifying entries for 194
organizational units 132
organizationalPerson object class 211
organizationalUnit object class 209
organizationalUnitName attribute 242
organizationName attribute 241
other servers (2.x) 27
ou attribute (DN) 130
overview of this manual 13
owner attribute 242
P
pagerTelephoneNumber attribute 242
passwords
authentication 68
file that stores 39
key-pair files and 108
superuser 39
person object class 210
physicalDeliveryOfficeName attribute 242
port numbers 36
postalAddress attribute 235, 242, 246
postalCode attribute 243
postOfficeBox attribute 243
preferredDeliveryMethod attribute 243
presence search 184
example 185
prime numbers 87
private key 104
private keys 84
generating 106
programs
access control 76
proxy agent, SNMP 53
installing 53
starting 54
public key 104
public keys 84
generating 106
public-key encryption 84
Q
quotation marks, in parameter values 176, 186
R
redirection (access control) 79
relative distinguished name
modifying 168
replicaBinddn attribute 243
replicaBindMethod attribute 243
replicaCredentials attribute 244
replicaHost attribute 244
replicaPort attribute 244
replicaRoot attribute 244
replicaUpdateFailedAt attribute 244
replicaUpdateReplayed attribute 244
replicaUpdateSchedule attribute 245
replicaUseSSL attribute 245
restricting access 71
roomNumber attribute 245
root
entry creation 193
S
schema
overview 197-202
search filters 182-186
Boolean operators 184
examples 185
specifying file 188
syntax 182
using multiple 184
search types, list of 183
searchdb file 189, 190
searches
approximate 184
equality 183, 185
greater than or equal to 183
less than or equal to 183
of directory tree 186
presence 184, 185
specifying scope 187
substring 183
secretary attribute 245
Secure Sockets Layer (SSL) 81
security
authentication and 83
encryption and 83
increasing 101
integrity and 83
keys 84
Security directive 119
security issues 81
seeAlso attribute 245
Server Administration button 24
Server Administration page 21
2.x servers and 27
server authentication 89
explained 89
Server Manager forms 22-24
ServerCert directive 120
ServerKey directive 120
servers
configuring multiple 62
migrating 139
removing 35
restricting access to 71
security issues for 81
sharing configurations 60
trusted CAs and 93
session keys 85, 101
signing files 86
slapd.oc.conf file 201
SNMP 44-57
agents, installing 48
community strings, adding 55
community strings, configuring 55
community strings, editing 55
community strings, removing 56
configuring 44
daemon
restarting 54
master agent 44
installing 49
starting 51
proxy agent 53
installing 53
starting 54
subagent 44
subagents
installing 54
trap destinations, adding 56
trap destinations, configuring 56
trap destinations, editing 57
trap destinations, removing 57
"sounds like" search 147, 153, 161
spoofing 82
sr2x file 27
SSL
information needed to enable 111
preparation for 101
signing files 86
SSL 2.0 117
SSL-enabled browsers 81
st attribute (DN) 131
"starts with" search 147, 153, 161
stateOrProvinceName attribute 246
stopping the administration server 32
street attribute (DN) 131
streetAddress attribute 247
styles, in this book 15
subagent, SNMP 44
subagents, SNMP
installing 54
substring search 147, 153, 161, 183
subtreeACI attribute 247
SuiteSpot
defined 14
installation 25
system user 25
superuser
access control 37
defined 27
settings 37
surname attribute 247
symmetric encryption 84
system user 36
T
Technical Support 17
telephoneNumber attribute 247
terms used in this book 15
terms, in this book 15
title attribute 247
trusting certificates 113
typestyles used in this book 15
U
uid attribute (DN) 130
upgrading a server 139
URLs
SSL-enabled servers and 116
User.ldif 138
UserDel.ldif 138
UserDup.ldif 138
user-environment.acl 69
userid attribute 247
userPassword attribute 248
users
authentication 68
restricting access 67
superuser 27
V
verifycert 97
W
white space
between DN attributes 128
X
X.500 standard 128, 198