XYGATE User Authentication Reference Manual

XYGATE® User Authentication (XUA) 1.85 Reference Manual
Chapter 12. Configuring the LDAP Interface
XYPRO Technology Corporation 74 Proprietary and Confidential
users will enter as part of the prefix to the password response in order to indicate
which LDAP authentication point is to be used.
When more than one LDAP authentication point is to be configured, each set of
configuration values will be identified by a user-specified name. The value entered
here is the value that users will need to enter as part of a prefix added to the password
response when authenticating via LDAP in order to indicate which LDAP
authentication point to use.
The corresponding UACONF keyword is LDAP_GROUP.
(Item 12):
Since more than one LDAP group is to be configured, one of the groups
may be designated as the default, to be used automatically when none
is specified via a prefix to the password prompt.
Enter ON or OFF for LDAP_GROUP_DEFAULT <OFF>? ON
When multiple LDAP authentication points are defined, one can be designated as the
default. The default will be used when users do not specify an LDAP group as part of
the password response.
When a user authenticating via LDAP does not specify the LDAP group as part of
the password response, the default group is assumed if one has been designated;
otherwise, XUA will respond with “*ERROR* Invalid username or
password.” Only one LDAP group can be designated as the default group.
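The default-group rule described above can be checked against a multi-group configuration before it goes live. The following is an added example, not XYPRO code or part of the original manual: it assumes each group's keywords follow its LDAP_GROUP line and that lines beginning with "!" are inactive, and the function names, the second group and its host name are constructed for illustration.

```python
# Constructed sample: two LDAP groups in the keyword/value layout shown in
# the manual's listing. Assumption: a group's keywords follow its LDAP_GROUP
# line, and lines starting with "!" are inactive and ignored.
SAMPLE = """\
LDAP_GROUP LD1
LDAP_GROUP_DEFAULT ON
LDAP_HOST ldap1.example.com
LDAP_PORT 636
!LDAP_LOOKUP ON
LDAP_GROUP LD2
LDAP_GROUP_DEFAULT OFF
LDAP_HOST ldap2.example.com
LDAP_PORT 636
"""

def parse_groups(text):
    """Return {group_name: {keyword: value}} for the active lines."""
    groups, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        keyword, _, value = line.partition(" ")
        keyword, value = keyword.upper(), value.strip().strip('"')
        if keyword == "LDAP_GROUP":
            if value in groups:
                raise ValueError("duplicate LDAP group: " + value)
            current = groups.setdefault(value, {})
        elif current is not None:
            current[keyword] = value
    return groups

def default_groups(groups):
    """Groups with LDAP_GROUP_DEFAULT ON (the prompt's default is OFF)."""
    return [name for name, kv in groups.items()
            if kv.get("LDAP_GROUP_DEFAULT", "OFF").upper() == "ON"]

def resolve_group(groups, requested=None):
    """Group used for one logon; None means the logon is rejected."""
    defaults = default_groups(groups)
    if len(defaults) > 1:
        raise ValueError("more than one default group: " + ", ".join(defaults))
    if requested is not None:
        # Assumption: an unknown group name is rejected; the page does not say.
        return requested if requested in groups else None
    return defaults[0] if defaults else None

if __name__ == "__main__":
    print(resolve_group(parse_groups(SAMPLE)))
```

A result of None for a logon without a group prefix corresponds to the case where XUA returns the invalid username or password error because no default has been designated.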
LDAP_GROUP LD1
LDAP_GROUP_DEFAULT ON
LDAP_HOST ldap1.example.com
LDAP_VERSION 3
LDAP_TYPE WINDOWS
LDAP_PROXY_IP_PROC $ZTC0
!LDAP_BIND_NAME
LDAP_PROXY_TIMEOUT 5
LDAP_PROXY_CACERT "bothcert"
LDAP_PORT 636
LDAP_PROXY_LOG /G/SYSTEM/XYGATEUA/zzldlog
!LDAP_LOOKUP ON
!LDAP_USERS_CONTAINER "cn=users,dc=domain,dc=com"
!LDAP_LOOKUP_ATTRIBUTE "samaccountname"
!LDAP_DN_ATTRIBUTE "dn"
!LDAP_SEARCH_USER "cn=search-user,cn=users,dc=domain,dc=com"
!LDAP_PROXY_ENV ""
!LDAP_PROXY_OPTIONS "-mon -d"
!LDAP_PROXY_HOMETERM <telserv terminal>
Enter NEW LDAP group value <LD2>?
Above, the configuration values already entered for the LDAP authentication point are
displayed. The user is now being asked to supply a value to identify the next set of
LDAP configuration values. The value entered here is the value that users will need to