Internet Express for Tru64 UNIX Version 6.10 Administration Guide (5900-1418, March 2011)
DescriptionField
Enter the port number on which the LDAP server is listening. The default LDAP port is
389.
Port
Enter the base distinguished name for this connection. The base distinguished name
defines the top of the directory tree. To obtain a list of base distinguished names for
a particular directory, make sure the host name and port fields have been filled in
correctly and then click the Fetch button. If the directory server has been set up to
require authentication for this operation, the Bind DN and Password fields will have
to be filled in correctly as well. The LDAP Browser will attempt to connect to the
specified LDAP server, obtain the list of supported base distinguished names, and
populate the Base DN option menu with those names.
Base DN
Choose whether to communicate with the LDAP server using the Secure Sockets Layer
(SSL). Such communication is possible only if the LDAP server has been configured
to accept SSL connections and if the certificate presented by the server during SSL
communication is signed by a trusted certificate authority. See Section : Connecting
to an LDAP Server using SSL for more information on how to create a trusted certificate
store.
Secure connection
Enter the distinguished name to use for authentication when binding to the LDAP
server. To bind to a directory anonymously, leave this field blank. Many directories
allow anonymous clients to perform read-only operations like searching but will
require authentication information for clients that attempt to write to the directory.
Bind DN
Enter the password that corresponds to the Bind DN that was entered. Leave this field
blank if anonymous binding is desired.
Password
When BIND information is entered for a connection entry, this information is stored
in the LDAP Browser configuration file in the user's home directory. If the security of
the user's home directory is compromised, that bind information could potentially be
obtained from the configuration file by an intruder. If this is a concern or if you will
not always be binding to the directory as the same user, leave the Bind DN and
Password fields blank and click in the checkbox to cause the LDAP browser to prompt
for BIND information each time the connection is established.
Bind information prompting
Indicate if you want to automatically follow referrals to entries residing on other LDAP
servers. Check either Follow or Don't Follow.
Referral strategy
Pick a strategy for dereferencing LDAP aliases. Check one of the following: Never,
Finding, Searching or Always.
Alias dereferencing
You can limit the number of entries that will be returned by any LDAP search operation.
Check either None for no search limit, or give a specific limit by checking Limit to
radio button and then entering a value in the results field. This limit can be useful
when dealing with very large directories, because searches that return large numbers
of entries can take considerable time to complete and the search results can consume
a large amount of memory.
Search limit
Enter a time limit (in milliseconds) for any LDAP operation to complete. Check the
None radio button to specify no time limit. To specify a time limit, check the Limit to
radio button, and then enter a value in milliseconds in the ms field. This option is
useful when dealing with slow or unreliable connections.
Operation time limit
Connecting to an LDAP Server using SSL
The Connection Information form for adding or modifying connections provides an option to use
the Secure Sockets Layer (SSL) when communicating with an LDAP server. SSL allows for verification
of an LDAP server's identity as well as for encryption of the data that passes between the browser
198 LDAP Directory Server Administration