HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)
• Name
This field sets the unique name of the SASL mapping.
• Regular expression
This field sets the regular expression used to match the DN components, such as \(.*\).
This field corresponds to the nsSaslMapRegexString value in the SASL mapping LDIF
entry.
• Search base DN
This field gives the base DN to search to map entries, such as
ou=People,dc=example,dc=com. This field corresponds to the
nsSaslMapBaseDNTemplate value in the SASL mapping LDIF entry.
• Search filter
This field gives the search filter for the components to replace, such as
(objectclass=*). This field corresponds to the nsSaslMapFilterTemplate value
in the SASL mapping LDIF entry.
To edit a SASL identity mapping, highlight that identity in the SASL Mapping tab, and click Modify.
Change any values, and save.
To delete a SASL identity mapping, highlight it and click Delete. A dialog box comes up to confirm
the deletion.
13.2.2 Configuring SASL identity mapping from the command line
To configure SASL identity mapping from the command line, use the ldapmodify utility to add
the identity mapping scheme. For example:
ldapmodify -a -D "cn=directory manager" -w secret -p 389 -h server.example.com
dn: cn=example map,cn=mapping,cn=sasl,cn=config
objectclass: top
objectclass: nsSaslMapping
cn: example map
nsSaslMapRegexString: \(.*\)
nsSaslMapBaseDNTemplate: ou=People,dc=example,dc=com
nsSaslMapFilterTemplate: (cn=\1)
This matches any user's common name and maps it to the result of the the subtree search with base
ou=People,dc=example,dc=com, based on the filter cn=userId.
506 Managing SASL