Manualshelf

HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server
51525354555657585960
NOTE:
When the database link and remote server are configured to communicate using SSL,
this does not mean that the client application making the operation request must also
communicate using SSL. The client can bind using a normal port.
SASL/DIGEST-MD5
This requires the standard port to connect to the server. Like simple authentication, this
requires only the bind DN and password to authenticate.
SASL/GSSAPI
This also requires the standard LDAP connection because the Directory Server does not
support using GSS-API over TLS/SSL.
The local server must have a Kerberos keytab (as in About the KDC server and
keytabs (page 504)), and the remote server must have a SASL mapping to map the local
server's principal to the real user entry (as in “Configuring SASL identity mapping from
the console” (page 505)).
6. In the Remote Server Information section, select the connection type for the local server to use
to connect to the remote server. There are three options:
Use LDAP
This sets either a standard, unencrypted connection or allows SASL authentication, because
Directory Server supports SASL over standard LDAP but not SSL.
Use TLS/SSL
This uses a secure connection over the server's secure LDAPS port, such as 636. This
setting is required to use TLS/SSL, but it cannot be set if the authentication will be
performed with SASL.
When using TLS/SSL, make sure the remote server's port number is set to its secure port.
Use Start TLS
This uses Start TLS to establish a secure connection over the server's standard port.
7. In the Remote Server Information section, fill in the name and port number for the remote
server.
For any failover servers, fill in the host name and port number, and click the Add button. A
server is a backup server, so that if the primary remote server fails, the database link contacts
the first server in the failover servers list and cycles through the list until a server is accessed.
The new database link is listed under the suffix, in place of the database.
2.4 Creating and Maintaining Database Links 55