Index Next |
iPlanet Directory Server Access Management Edition Administration Guide |
Contents
About This Guide
What You Are Expected to Know
iPlanet Directory Server Access Management Edition Documentation Set
Organization of This Guide
Documentation Conventions Used in This Guide
Typographic Conventions
Related Information
Terminology
Chapter 1 Product OverviewDirectory Server Access Management Edition
Features of DSAME
Service Management
Installing DSAME
Policy Management
Authentication
Single Sign-On
URL Policy Agents
User Management
DSAME Console
The DSAME Console
Location Pane
Navigation Pane
Data Pane
Chapter 2 Service ManagementDefinition of a Service
DSAME Services Defined
Administration
Attribute Types
Authentication
Core
Logging
Anonymous
Certificate-based
LDAP
Membership (Self-Registration)
RADIUS
SafeWord
Unix
Naming
Platform
Session
URL Policy Agent
User
Dynamic Attributes
Service Management
Policy Attributes
User Attributes
Organization Attributes
Global Attributes
Chapter 3 Policy ManagementThe Policy Service
The URL Policy Agent
Validating a User's Sign On
Hierarchy Of Enforcement
Enforcing URL Access
How the URL Policy Agent Works
Policy Management
Registering Policy Services
Creating Named Policies
Assigning Named Policies
Assigning Named Policies to an Organization
Assigning Named Policies to a Role
Chapter 4 User ManagementThe User Management Interface
User Management View
Managing DSAME Objects
User Profile View
Organizations
Role Profile View
Create an Organization
Containers
Delete an Organization
Create a Container
People Containers
Delete a Container
Create a People Container
Group Containers
Delete a People Container
Create a Group Container
Roles
Delete a Group Container
Create a Role
Services
Delete a Role
Add Users to a Role
Remove Users from a Role
Register a Service
Policies
Create a Template for a Service
Unregister a Service
Assign a Policy
Users
Unassign a Policy
Create a User
Managed Groups
Delete a User
Create a Managed Group
Delete a Managed Group
Customize Service Access
Properties Function
Customize Attribute Access
Chapter 5 Authentication OptionsThe Core Authentication Service
To Register and Enable the Core Service
Anonymous Authentication
To Register and Enable Anonymous Authentication
Certificate-based Authentication
Logging In Using Anonymous Authentication
To Register and Enable Certificate-based Authentication
LDAP Directory Authentication
Logging In Using Certificate-based Authentication
To Register and Enable LDAP Authentication
Membership Authentication
Logging In Using LDAP Authentication
Enabling LDAP Authentication Failover
To Register and Enable Membership Authentication
RADIUS Server Authentication
Logging In Using Membership Authentication
To Register and Enable RADIUS Authentication
SafeWord Authentication
Logging In Using RADIUS Authentication
To Register and Enable SafeWord Authentication
Unix Authentication
To Register and Enable Unix Authentication
Chapter 6 Administration AttributesGlobal Attributes
Show People Containers
Organization Attributes
Display Containers In Menu
Show Group Containers
Managed Group Type
Attribute Uniqueness Enabled
Default Role Permissions (ACIs)
Organization Help Desk Admin
Domain Component Tree Enabled
Organization Admin
Admin Groups Enabled
Compliance User Deletion Enabled
Dynamic Admin Roles ACIs
Top-level Admin
User Profile Service Classes
Organization Admin
Organization Help Desk Admin
Container Admin
Container Help Desk Admin
Group Admin
People Container Admin
Groups Default People Container
Groups People Container List
Display User's Roles
User Profile Display Class
Display User's Groups
User Group Self Subscription
User Profile Display Options
User Creation Default Roles
View Menu Entries
Maximum Results Returned From Search
Timeout For Search (sec.)
JSP Directory Name
Online Help Documents
Required Services
User Search Key
User Search Return Attribute
User Creation Notification List
User Deletion Notification List
User Modification Notification List
Unique Attribute List
Chapter 7 Anonymous Authentication AttributesAuthentication Level
Valid Anonymous User List
Default Anonymous User Name
Chapter 8 Certificate Authentication AttributesMatch Certificate in LDAP
Attribute In Cert To Use To Search LDAP
Match Certificate to CRL
Attribute In Cert To Use To Search CRL
LDAP Server and Port
LDAP Start Search DN
LDAP Access Authentication Type
LDAP Server Principal User
LDAP Server Principal Password
LDAP Attribute for Profile ID
SSL On For LDAP Access
Field in Cert to Use to Access User Profile
Alternate Attribute Name To Use To Access User Profile
Authentication Level
Chapter 9 Core Authentication AttributesGlobal Attributes
Pluggable Auth Module Classes
Organization Attributes
Pluggable Auth Page Generator Classes
LDAP Connection Pool Size
LDAP Connection Default Pool Size
Authentication Menu
Dynamic User Profile Creation
Organization URL Mapping
Admin Authenticator
Dynamic User Profile Creation Default Roles
Authentication Chaining Modules
Authentication Chaining Enabled
Persistent Cookie Mode
Persistent Cookie Max Time (seconds)
Non Interactive Modules
User's Default Redirect URL
User Based Auth
People Container For All Users
Alias Search Attribute Name
Default Auth Level
User Naming Attribute
Pluggable Auth Page Generator Class
Default Auth Locale
Login Failure Lockout Mode
Login Failure Lockout Duration (minutes)
Login Failure Lockout Count
Login Failure Lockout Interval (minutes)
Email Address to Send Lockout Notification
Warn User After N Failure
Lockout Attribute Name
Lockout Attribute Value
Chapter 10 LDAP Authentication AttributesPrimary LDAP Server and Port
Secondary LDAP Server and Port
DN to Start User Search
DN for Root User Bind
Password for Root User Bind
User Entry Naming Attribute
User Entry Search Attributes
User Search Filter
Search Scope
Enable SSL to LDAP Server
Return User DN To Auth
Authentication Level
Chapter 11 Membership Authentication AttributesMinimum Password Length
Default User Roles
User Status After Registration
Primary LDAP Server and Port
Secondary LDAP Server and Port
DN to Start User Search
DN for Root User Bind
Password for Root User Bind
User Naming Attribute
User Entry Search Attributes
User Search Filter
Search Scope
Enable SSL to LDAP Server
Return User DN To Auth
Authentication Level
Chapter 12 RADIUS Authentication AttributesRADIUS Server 1
RADIUS Server 2
RADIUS Shared Secret
RADIUS Server's Port
Authentication Level
Timeout (Seconds)
Chapter 13 SafeWord Authentication AttributesSafeWord Server Specification
SafeWord System Name
SafeWord Server Verification Files Path
SafeWord Logging Level
SafeWord Log Path
SafeWord Module Authentication Level
Chapter 14 Unix Authentication AttributesGlobal Attributes
Unix Helper Configuration Port
Organization Attribute
Unix Helper Authentication Port
Unix Helper Timeout (Minutes)
Unix Helper Threads
Unix Module Authentication Level
Chapter 15 Logging AttributesMax Log Size
Number of History Files
Log Location
Logging Type
Database User Name
Database User Password
Database Driver Name
Chapter 16 Naming AttributesProfile Service URL
Session Service URL
Logging Service URL
Chapter 17 Platform AttributesServer List
Platform Locale
Cookie Domains
Login Service URL
Logout Service URL
Available Locales
Chapter 18 Session AttributesMax Session Time (Minutes)
Max Idle Time (Minutes)
Max Caching Time (Minutes)
Chapter 19 URL Policy Agent AttributesURL Policy Agent Action: Allow
URL Policy Agent Action: Deny
URL Policy Agent Action: Not Enforced
Additional Information
Hierarchy Of Enforcement
Configuring Policy Attributes
Chapter 20 User AttributesService Management Attributes
Index
User Preferred Language
User Profile Attributes
User Preferred Timezone
Inherited Locale
Admin DN Starting View
Default User Status
User Auth Modules
Home Address
Unique User IDs
User Status
First Name
Last Name
Full Name
Password
Confirm Password
Email Address
Employee Number
Telephone Number
Roles For This User
Groups for this User
Account Expiration Date
Index Next
Copyright © 2002 Sun Microsystems, Inc. All rights reserved.
Last Updated May 14, 2002