A.12. Passwords Tab

Usage: Use the Password Cache table to manage entries in the password cache.

Description

The Passwords tab lists all password cache entries for the SGD array.

Use the New button to add a password cache entry, using the Create New Password Cache Entry page.

Use the Edit button to edit an entry in the password cache, or the Delete button to remove an entry from the password cache.

Use the Reload button to refresh the Password Cache table.

Use the Search field to search for entries in the Password Cache table. You can use the * wildcard in your search string. Typing a search string of name is equivalent to searching for *name* and returns any match of the search string. The number of results returned by a search is limited to 150, by default.

A.12.1. Adding Entries to the Password Cache

When you create a new password cache entry, it is important that you enter a valid name in the User Identity or Server fields on the Create New Password Cache Entry page. The Administration Console supports several ways that you can enter a name in the User Identity or Server field, as follows:

  • Browse button. If the selected User Identity Type option is Local or LDAP/Active Directory, you can use the Browse button next to the User Identity or Server field to browse for object names. Using the Browse button in this way avoids errors when typing in object names.

  • Full Name. Type the full name into the field. For example, you can type in the fully qualified name for an application server from the local repository as follows:

    .../_ens/o=appservers/cn=boston
  • Partial Name. Type a partial name, without the namespace prefix, in the field. Depending on the selected User Identity Type option, the Administration Console adds the relevant namespace prefix when the password cache entry is saved.

    For example, if you select UNIX (User/Groups) as the User Identity Type and type o=organization/cn=Indigo Jones in the field, the Administration Console creates the password cache entry using the name .../_user/o=organization/cn=Indigo Jones.

    The Administration Console adds the .../_user namespace prefix when the password cache entry is saved.

    The following table shows the namespace prefixes that the Administration Console adds for the selected User Identity Type option.

    User Identity Type

    Namespace Prefix

    Local

    .../_ens

    UNIX (User/Groups)

    .../_user

    Windows Domain Controller

    .../_wns

    LDAP/Active Directory

    .../service/sco/tta/ldapcache

    SecurID

    .../service/sco/tta/securid

    Anonymous

    None

    Third Party

    .../service/sco/tta/thirdparty

    If you specify a partial name in the Server field, the Administration Console adds the .../_ens/o=appservers namespace prefix when the password cache entry is saved.

LDAP names must be typed in using the SGD naming format. The following example shows a partial name for a user identity from an LDAP repository:

dc=com/dc=example/cn=indigo-jones

This name is converted to the correct LDAP format when the password cache entry is saved, as follows:

.../_service/sco/tta/ldapcache/cn=indigo-jones,dc=example,dc=com

Command Line

On the command line, use the tarantella passcache commands to list, add, and delete password cache entries. See Section D.54, “tarantella passcache”.