Internet Express for Tru64 UNIX Version 6.8 Administration Guide (14233)
4.1.1 Default Configuration for the LDAP Module for System Authentication
Internet Express configures the security matrix in the/etc/sia/matrix.conf file to use the
LDAP Module for System Authentication. The security matrix consists of a list of security-related
system calls and the library to be used for each call. As shown in Example 4-1, the
siad_ses_authent and siad_ses_estab calls are configured to use the libsialdap.so
library first. If that library is not available, or if the requested information is not found in the
LDAP server's directory, then the libc.so library is used.
See the siacfg(8) and matrix.conf(4) reference pages for more information about configuring security
methods.
Example 4-1 Security Matrix Enabled for LDAP
.
.
.
siad_getgrgid=(BSD,libc.so) (LDAP,/usr/shlib/libsialdap.so)
siad_setpwent=(BSD,libc.so) (LDAP,/usr/shlib/libsialdap.so)
.
.
.
When you install the LDAP Module for System Authentication, the installation procedure checks
the validity of the configuration information you supplied, and tries to connect to the LDAP
server you specified during the installation, then enables the LDAP Module for System
Authentication. If the connection fails, or if the required schema attributes are not found, the
LDAP Module for System Authentication is not enabled and you must use the LDAP Module
for System Authentication Administration menu to enable it (after correcting the problems) or
use the /usr/internet/ldap_tools/ldap_enable utility. Check the attribute values in
the Distinguished Name, Password, System Name, Port Number, and the Search Base fields (see
Section 4.2).
The LDAP Module for System Authentication gets its information from the LDAP server by way
of the ldapcd caching daemon (see Figure 4-1). This daemon runs at all times and is started by
the following entry in the /etc/inittab file:
ldapcd:34:respawn:/usr/sbin/ldapcd -D > /dev/console 2>&1
70 User Authentication