Internet Express for Tru64 UNIX Version 6.8 Administration Guide (14233)
DescriptionField
Enter the port number on which the LDAP server is listening. The default LDAP
port is 389.
Port
Enter the base distinguished name for this connection. The base distinguished name
defines the top of the directory tree. To obtain a list of base distinguished names
for a particular directory, make sure the host name and port fields have been filled
in correctly and then click the Fetch button. If the directory server has been set up
to require authentication for this operation, the Bind DN and Password fields will
have to be filled in correctly as well. The LDAP Browser will attempt to connect to
the specified LDAP server, obtain the list of supported base distinguished names,
and populate the Base DN option menu with those names.
Base DN
Choose whether to communicate with the LDAP server using the Secure Sockets
Layer (SSL). Such communication is possible only if the LDAP server has been
configured to accept SSL connections and if the certificate presented by the server
during SSL communication is signed by a trusted certificate authority. See
Section 11.2.2.3: Connecting to an LDAP Server using SSL for more information on
how to create a trusted certificate store.
Secure connection
Enter the distinguished name to use for authentication when binding to the LDAP
server. To bind to a directory anonymously, leave this field blank. Many directories
allow anonymous clients to perform read-only operations like searching but will
require authentication information for clients that attempt to write to the directory.
Bind DN
Enter the password that corresponds to the Bind DN that was entered. Leave this
field blank if anonymous binding is desired.
Password
When BIND information is entered for a connection entry, this information is stored
in the LDAP Browser configuration file in the user's home directory. If the security
of the user's home directory is compromised, that bind information could potentially
be obtained from the configuration file by an intruder. If this is a concern or if you
will not always be binding to the directory as the same user, leave the Bind DN and
Password fields blank and click in the checkbox to cause the LDAP browser to
prompt for BIND information each time the connection is established.
Bind information prompting
Indicate if you want to automatically follow referrals to entries residing on other
LDAP servers. Check either Follow or Don't Follow.
Referral strategy
Pick a strategy for dereferencing LDAP aliases. Check one of the following: Never,
Finding, Searching or Always.
Alias dereferencing
You can limit the number of entries that will be returned by any LDAP search
operation. Check either None for no search limit, or give a specific limit by checking
Limit to radio button and then entering a value in the results field. This limit can
be useful when dealing with very large directories, because searches that return
large numbers of entries can take considerable time to complete and the search
results can consume a large amount of memory.
Search limit
Enter a time limit (in milliseconds) for any LDAP operation to complete. Check the
None radio button to specify no time limit. To specify a time limit, check the Limit
to radio button, and then enter a value in milliseconds in the ms field. This option
is useful when dealing with slow or unreliable connections.
Operation time limit
11.2.2.3 Connecting to an LDAP Server using SSL
The Connection Information form for adding or modifying connections provides an option to
use the Secure Sockets Layer (SSL) when communicating with an LDAP server. SSL allows for
verification of an LDAP server's identity as well as for encryption of the data that passes between
204 LDAP Directory Server Administration