Directory Proxy Server 5.2 groups are configured by setting the attributes of the ids-proxy-sch-NetworkGroup object class. These attributes can be mapped to properties of Directory Proxy Server 11g Release 1 (11.1.1) connection handlers, data sources and listeners. For a list of all the properties related to these objects, run the dpconf help-properties command, and search for the object. For example, to locate all the properties of a connection handler, run the following command:
$ dpconf help-properties | grep connection-handler
In Directory Proxy Server 5.2, these configuration attributes are stored under ou=groups,cn=user-defined-name,ou=dar-config,o=NetscapeRoot.
The following table maps Directory Proxy Server 5.2 network group attributes to the corresponding Directory Proxy Server 11g Release 1 (11.1.1) properties and describes how to set these properties by using the command line.
Table 9–4 Mapping of Network Group Attributes
Directory Proxy Server 5.2 Network Group Attribute |
Directory Proxy Server 11g Release 1 (11.1.1) Property |
---|---|
ids-proxy-con-Client |
domain-name-filters and ip-address-filters properties of a connection handler |
ids-proxy-con-include-property |
No equivalent |
ids-proxy-con-include-rule |
No equivalent |
ids-proxy-con-ssl-policy:ssl_required |
Set this as a connection handler property by using the following command: $ dpconf set-connection-handler-prop CONNECTION-HANDLER-NAME is-ssl-mandatory:true |
ids-proxy-con-ssl-policy:ssl_optional |
Set this as an LDAP data source property by using the following command: $ dpconf set-ldap-data-source-prop ds1 ssl-policy:client |
ids-proxy-con-ssl-policy:ssl_unavailable |
Set this as a connection handler property by using the following command: $ dpconf set-connection-handler-prop CONNECTION-HANDLER-NAME is-ssl-mandatory:false |
ids-proxy-con-tcp-no-delay |
Set this as a property for a specific listener port by using the following command: $ dpconf set-ldap-listener-prop use-tcp-no-delay:true |
ids-proxy-con-allow-multi-ldapv2–bind |
No equivalent |
ids-proxy-con-reverse-dns-lookup |
No equivalent |
ids-proxy-con-timeout |
This functionality exists but with less granularity than in Directory Proxy Server 5. Set this limit as a property for a specific listener port by using the following command: $ dpconf set-ldap-listener-prop connection-idle-timeout:value |