Sun Directory Server Enterprise Edition 7.0 Administration Guide

ProcedureTo Configure Remote User Mapping

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. Enable operations to be forwarded with an alternate user.


    $ dpconf set-server-prop -h host -p port enable-user-mapping:true
  2. Specify the name of the attribute that contains the ID for remote mapping.


    $ dpconf set-server-prop -h host -p port \
     remote-user-mapping-bind-dn-attr:attribute-name
    
  3. Enable Directory Proxy Server to map the client ID remotely.


    $ dpconf set-server-prop -h host -p port enable-remote-user-mapping:true
  4. Configure the default mapping.


    $ dpconf set-server-prop -h host -p port \
     user-mapping-default-bind-dn:default-mapping-bind-dn \
     user-mapping-default-bind-pwd-file:filename
    

    If the mapped identity is not found on the remote LDAP server, the client identity is mapped to the default identity.

  5. Configure the user mapping in the entry for the client on the remote LDAP server.

    For information about configuring user mapping in Directory Server, see Proxy Authorization.