HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)
Glossary
A
access control
instruction
See ACI.
access control list See This used to be othertermed ACL (phil-after-Dean)ACL.
access rights In the context of access control, specify the level of access granted or denied. Access rights are
related to the type of operation that can be performed on the directory. The following rights can
be granted or denied: read, write, add, delete, search, compare, selfwrite, proxy, and all.
account
inactivation
Disables a user account, group of accounts, or an entire domain so that all authentication attempts
are automatically rejected.
ACI An instruction that grants or denies permissions to entries in the directory.
See also access control instruction.
ACL The mechanism for controlling access to your directory.
All IDs Threshold Replaced with the ID list scan limit in Directory Server version 7.1. A size limit which is globally
applied to every index key managed by the server. When the size of an individual ID list reaches
this limit, the server replaces that ID list with an All IDs token.
See also ID list scan limit.
All IDs token A mechanism which causes the server to assume that all directory entries match the index key.
In effect, the All IDs token causes the server to behave as if no index was available for the search
request.
anonymous access When granted, allows anyone to access directory information without providing credentials, and
regardless of the conditions of the bind.
approximate index Allows for efficient approximate or "sounds-like" searches.
attribute Holds descriptive information about an entry. Attributes have a label and a value. Each attribute
also follows a standard syntax for the type of information that can be stored as the attribute value.
attribute list A list of required and optional attributes for a given entry type or object class.
authenticating
directory server
In pass-through authentication (PTA), the authenticating Directory Server is the Directory Server
that contains the authentication credentials of the requesting client. The PTA-enabled host sends
PTA requests it receives from clients to the host.
authentication (1) Process of proving the identity of the client user to the Directory Server. Users must provide a
bind DN and either the corresponding password or certificate in order to be granted access to
the directory. Directory Server allows the user to perform functions or access files and directories
based on the permissions granted to that user by the directory administrator.
(2) Allows a client to make sure they are connected to a secure server, preventing another computer
from impersonating the server or attempting to appear secure when it is not.
authentication
certificate
Digital file that is not transferable and not forgeable and is issued by a third party. Authentication
certificates are sent from server to client or client to server in order to verify and authenticate the
other party.
B
base distinguished
name
See base DN.
base DN Base distinguished name. A search operation is performed on the base DN, the DN of the entry
and all entries below it in the directory tree.
bind distinguished
name
See bind DN.
bind DN Distinguished name used to authenticate to Directory Server when performing an operation.
bind rule In the context of access control, the bind rule specifies the credentials and conditions that a
particular user or client must satisfy in order to get access to directory information.
577