XYGATE User Authentication Reference Manual

XYGATE® User Authentication (XUA) 1.85 Reference Manual
Chapter 12. Configuring the LDAP Interface
XYPRO Technology Corporation 72 Proprietary and Confidential
(Item 4):
What is the LDAP server type (Windows or OpenLDAP) <WINDOWS>?
Obtain this information from your LDAP administrator. Enter one of the following
values to identify the type of LDAP server in use:
WINDOWS for Windows Active Directory
OpenLDAP for OpenLDAP
The corresponding UACONF keyword is LDAP_TYPE.
(Item 5):
What is the TCPIP process name <$ZTC0>?
Specify the name of the current TCP/IP process through which XUA will communicate
with the proxy. Usually, the default value will be the correct value.
Your LDAP server may have to be accessed through a different TCP/IP process
(also known as a stack). Check with your NonStop administrator if you are not sure.
You can test access through a specific TCP/IP process name as follows:
TACL> DELETE DEFINE **
TACL> ADD DEFINE =TCPIP^PROCESS^NAME,FILE <tcpip-process-name>
TACL> PING <ldap-host-name>
The corresponding UACONF keyword is LDAP_PROXY_IP_PROC.
(Item 6):
What BIND name is used for the LDAP server <press Enter if none>?
The BIND name can be used by the XUA server to create a fully qualified username in
the LDAP directory using the MAP operators described in Chapter 15 starting on
page 129. The syntax for the above entry differs depending on the type of LDAP:
For Windows Active Directory enter:
%uid%@<domain name>
For OpenLDAP enter:
cn=%uid%,o=<LDAP organization unit>,c=<country>
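Added example (not from this manual and not XUA's own code): a Python illustration of expanding a %uid% BIND-name template of the two forms above, escaping the user ID per RFC 4514 for the DN form and allow-listing it for the user@domain form so that a logon name cannot change the bind identity. The function names, the allow-list pattern, and the sample domain, organization and country values are assumptions.

```python
import re

# Characters RFC 4514 requires escaping in a DN attribute value, plus "=",
# which it permits escaping.
_DN_SPECIALS = set('"+,;<>\\=')
# Conservative allow-list for the user part of user@domain (an assumption).
_UPN_USER = re.compile(r"[A-Za-z0-9._-]+")

def escape_dn_value(value: str) -> str:
    """Escape a string for use as one attribute value inside a DN."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _DN_SPECIALS:
            out.append("\\" + ch)
        elif (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)  # leading '#', leading or trailing space
        else:
            out.append(ch)
    return "".join(out)

def expand_bind_name(template: str, uid: str, ldap_type: str) -> str:
    """Replace %uid% in a BIND-name template with a safely encoded user ID."""
    if "%uid%" not in template:
        raise ValueError("template has no %uid% operator")
    if not uid:
        raise ValueError("empty user ID")
    kind = ldap_type.upper()
    if kind == "WINDOWS":
        if not _UPN_USER.fullmatch(uid):
            raise ValueError("user ID not allowed in user@domain form")
        encoded = uid
    elif kind == "OPENLDAP":
        encoded = escape_dn_value(uid)
    else:
        raise ValueError("LDAP type must be WINDOWS or OpenLDAP")
    return template.replace("%uid%", encoded)

if __name__ == "__main__":
    # Constructed sample values; example.com, Example and US are placeholders.
    print(expand_bind_name("%uid%@example.com", "jsmith", "WINDOWS"))
    print(expand_bind_name("cn=%uid%,o=Example,c=US", "jsmith", "OpenLDAP"))
    # A user ID containing DN metacharacters stays inside the cn value.
    print(expand_bind_name("cn=%uid%,o=Example,c=US", "x,o=Other", "OpenLDAP"))
```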
(Item 7):
How many seconds should XUA wait for an LDAP response before timeout <5>?
XUA waits this number of seconds for an LDAP response before deciding that the
LDAP server is not available. Once the timeout is reached, XUA processes the logon
request according to the LDAP_AUTHENTICATE value.
The default value of 5 will work in most cases; however, if you later find that timeouts
are occurring, this value can be increased.
The corresponding UACONF keyword is LDAP_PROXY_TIMEOUT.