Manualshelf

XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series
101102103104105106107108109110
XYGATE
®
User Authentication
(XUA) 1.85 Reference Manual
Chapter 12. Configuring the LDAP Interface
XYPRO Technology Corporation 80 Proprietary and Confidential
12.7 LDAP-Related UAGroup (UAACL) Keywords
This section describes the LDAP-related keywords that are used to divert
authentication to Windows Active Directory or an OpenLDAP. The XYGATEUA
UAACL file can contain the following LDAP keywords:
UAGroup LDAP Configuration Keywords:
LDAP_AUTHENTICATE { ON | OFF | OPTIONAL }
UAGroup Userid Mapping Keywords
MAP RE:"<regular expression>" <operator>
UAGroup LDAP LOOKUP Keywords:
LDAP_DN_ATTRIBUTE "<string>"
LDAP_LOOKUP { ON | OFF }
LDAP_LOOKUP_ATTRIBUTE "<string>"
LDAP_SEARCH_USER "<string>"
LDAP_USERS_CONTAINER "<string>"
12.8 The User Schema and LDAP Mapping in the UAACL File
One authentication feature that may be set in the UACONF file, the UAACL file or both
is the LDAP_AUTHENTICATE keyword:
For the UACONF file, refer to page 220:
LDAP_AUTHENTICATE { ON | OFF | OPTIONAL }
For the UAACL file, refer to page 269:
LDAP_AUTHENTICATE {ON | OFF | OPTIONAL }
If you set these values in the UACONF file, they are global. If you did not set values for
this keyword in the UACONF or wish to override the UACONF file value for certain
groups of users, you will have to put the appropriate keyword and value in the
appropriate UAGroup(s) of the UAACL file.
Note: The LDAP_AUTHENTICATE keyword value in the UAACL file always overrides
the value in the UACONF file.
Mapping can be used to translate or convert the NonStop server Logon Name (an
alias or a Guardian user name) to the appropriate LDAP user account. Each UAGroup
may include single- or multiple-MAP keywords which are used to perform the step-by-
step conversion of the NonStop server logon name to the LDAP account. Refer to