HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)
There are three areas of information that can be edited.
• The connection type (standard, TLS/SSL, and Start TLS).
• The bind user, both DN and password.
• Whether to synchronize new Directory Server users and new Directory Server groups
automatically.
There are three options for the connection type but there are really only two connection
protocols, LDAP and LDAPS:
• Standard
• TLS/SSL
• Start TLS
Both a standard connection and Start TLS connection use LDAP (Start TLS creates a secure
connection over an insecure port).
It is not possible to change the connection protocol because it is not possible to change the
port number used to connect to the Windows sync peer.
It is possible to change the connection type between the standard connection and Start TLS,
but it is not possible to change from TLS/SSL to either the standard or Start TLS connections.
Likewise, it is not possible to go from standard or Start TLS to TLS/SSL. If you need to change
the connection protocol or the port number, delete the synchronization agreement and create
a new one.
9.7.2 Adding and editing the sync agreement in the command line
Creating or editing the synchronization agreement through the command line is more flexible and
provides more options than using the Directory Server Console. The full list of synchronization
agreement attributes are listed in “Sync agreement attributes” (page 423) and described in the
HP-UX Directory Server configuration, command, and file reference.
9.7 Modifying the sync agreement 421