Manualshelf

Server User Manual

ManualsBrandsRed Hat ManualsServer8.1
51525354555657585960
cn=config
41
Parameter Description
Example nsslapd-ldapimaprootdn: cn=Directory Manager
2.3.1.70. nsslapd-ldapimaptoentries (Enable Autobind Mapping for
Regular Users)
With autobind, a system user is mapped to a Directory Server user and then automatically
authenticated to the Directory Server over a UNIX socket. This mapping is automatic for root users,
but it must be enabled for regular system users through the nsslapd-ldapimaptoentries
attribute. Setting this attribute to on enables mapping for regular system users to Directory Server
entries. If this attribute is not enabled, then only root users can use autobind to authenticate to the
Directory Server, and all other users connect anonymously.
The mappings themselves are configured through the nsslapd-ldapiuidnumbertype and
nsslapd-ldapigidnumbertype attributes, which map Directory Server attributes to the user's UID
and GUID numbers.
Users can only connect to the server with autobind if LDAPI is enabled (nsslapd-ldapilisten and
nsslapd-ldapifilepath) and autobind is enabled (nsslapd-ldapiautobind).
Parameter Description
Entry DN cn=config
Valid Values on | off
Default Value off
Syntax DirectoryString
Example nsslapd-ldapimaptoentries: on
2.3.1.71. nsslapd-ldapiuidnumbertype
Autobind can be used to authenticate system users to the server automatically and connect to the
server using a UNIX socket. To map the system user to a Directory Server user for authentication,
the system user's UID and GUID numbers must be mapped to be a Directory Server attribute. The
nsslapd-ldapiuidnumbertype attribute points to the Directory Server attribute to map system
UIDs to user entries.
Users can only connect to the server with autobind if LDAPI is enabled (nsslapd-ldapilisten
and nsslapd-ldapifilepath), autobind is enabled (nsslapd-ldapiautobind), and autobind
mapping is enabled for regular users (nsslapd-ldapimaptoentries).
Parameter Description
Entry DN cn=config
Valid Values Any Directory Server attribute
Default Value uidNumber
Syntax DirectoryString
Example nsslapd-ldapiuidnumbertype: uidNumber