XYGATE User Authentication Reference Manual

Appendix B: The UAACL File
XYPRO Technology Corporation 270 Proprietary and Confidential
B26: LDAP_BIND_NAME
The Bind Name will be used by the XUA server to create a fully qualified username in
the LDAP directory.
Syntax:
LDAP_BIND_NAME "<Bind Name>"
The syntax of Bind Name differs depending on the type of LDAP.
For Windows Active Directory use
%uid%@<domain name>
For OpenLDAP use
cn=%uid%,o=<LDAP organization unit>,c=<country>
The %uid% portion will be substituted by the username requiring LDAP authentication
at the time of the request.
Consider the following example where the NonStop username is oper-1 and the
domain name is MYCOMPANY-LOCAL:
Example 1: Specifying the bind name for Windows Active Directory
LDAP_BIND_NAME "%uid%@MYCOMPANY-LOCAL"
Example 1 will result in the Windows Active Directory username of:
oper-1@MYCOMPANY-LOCAL
And if XUA interfaces with OpenLDAP where the LDAP organization unit is
mycompany-local and the country code is usa:
Example 2: Specifying the bind name for OpenLDAP
LDAP_BIND_NAME "cn=%uid%,o=mycompany-local,c=usa"
Example 2 will result in the fully qualified name of:
cn=oper-1,o=mycompany-local,c=usa
The value of this keyword created by the XUA_LDAP_INSTALL macro can be
changed by editing the UACONF file after the macro run is completed. (Refer to
section 12.4, item 6, on page 69 and also section 12.5 for the Install procedure.)
Note: If LDAP_BIND_NAME is present in both the UACONF and UAACL files, the
bind extension could get appended twice to the userid. To prevent this, specify
LDAP_BIND_NAME in either the UACONF file or the UAACL file, not both. (Refer to
Chapter 15, “Mapping NonStop IDs to Alternative Authentication Databases,”
starting on page 129 for more information about ID mapping.)
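The following is an added example, not XYPRO code and not how XUA itself is implemented: a small offline check that previews the bind name produced by the %uid% substitution described above and flags the both-files condition from the Note. It assumes text copies of the UACONF and UAACL files and parses only the keyword syntax shown in this section; the function names, the sample file contents and the rule of rejecting user names that contain distinguished-name special characters are assumptions of the example.

```python
import re

# Matches the keyword syntax shown in this section: LDAP_BIND_NAME "<Bind Name>"
BIND_RE = re.compile(r'^\s*LDAP_BIND_NAME\s+"([^"]*)"', re.MULTILINE)
# Conservative set of characters with special meaning in a DN (RFC 4514)
DN_SPECIAL = set(',+"\\<>;=#')

def find_bind_name(text):
    """Return the bind-name template found in a file's text, or None."""
    m = BIND_RE.search(text)
    return m.group(1) if m else None

def expand(template, uid):
    """Substitute %uid% and refuse user names that would alter the result."""
    if "%uid%" not in template:
        raise ValueError("template has no %uid% placeholder")
    dn_form = "=%uid%" in template          # e.g. cn=%uid%,o=...,c=...
    if dn_form and (DN_SPECIAL & set(uid) or uid != uid.strip()):
        raise ValueError(f"user name {uid!r} contains DN special characters")
    if not dn_form and "@" in uid:          # e.g. %uid%@<domain name>
        raise ValueError(f"user name {uid!r} already carries a domain suffix")
    return template.replace("%uid%", uid)

def audit(uaconf_text, uaacl_text, uid):
    """Preview the bind name and flag the both-files condition from the Note."""
    conf, acl = find_bind_name(uaconf_text), find_bind_name(uaacl_text)
    findings = []
    if conf and acl:
        findings.append("LDAP_BIND_NAME set in both UACONF and UAACL")
    # The preview uses the UACONF value when both exist; that choice is an
    # assumption of this example, not documented XUA precedence.
    template = conf or acl
    if template is None:
        findings.append("LDAP_BIND_NAME not set in either file")
        return None, findings
    return expand(template, uid), findings

# Constructed sample file contents (only the keyword line matters here)
UACONF_AD = 'LDAP_BIND_NAME "%uid%@MYCOMPANY-LOCAL"\n'
UAACL_AD = 'LDAP_BIND_NAME "%uid%@MYCOMPANY-LOCAL"\n'
UAACL_OPENLDAP = 'LDAP_BIND_NAME "cn=%uid%,o=mycompany-local,c=usa"\n'

if __name__ == "__main__":
    print(audit(UACONF_AD, "", "oper-1"))        # Example 1 on this page
    print(audit("", UAACL_OPENLDAP, "oper-1"))   # Example 2 on this page
    print(audit(UACONF_AD, UAACL_AD, "oper-1"))  # condition from the Note
```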