The following table shows the Solaris LDAP client's profile attributes, which can be set automatically when you run idsconfig. See Initializing a Client Manually and the idsconfig(1M) man page for information on how to set a client profile manually.
Table 9–2 Client Profile Attributes
Attribute |
Description |
---|---|
cn |
The profile name. The attribute has no default value. The value must be specified. |
preferredServerList |
The host addresses of the preferred servers is a space separated list of server addresses. (Do not use host names.) The servers in this list are tried in order before those in defaultServerList until a successful connection is made. This has no default value. At least one server must be specified in either preferredServerList or defaultServerList. |
defaultServerList |
The host addresses of the default servers is a space separated list of server addresses. (Do not use host names.) After the servers in preferredServerlist are tried, those default servers on the client's subnet are tried, followed by the remaining default servers, until a connection is made. At least one server must be specified in either preferredServerList or defaultServerList. The servers in this list are tried only after those on the preferred server list. This attribute has no default value. |
defaultSearchBase |
The DN relative to which to locate the well-known containers. There is no default for this value. However, this can be overridden for a given service by the serviceSearchDescriptor attribute. |
defaultSearchScope |
Defines the scope of a database search by a client. It can be overridden by the serviceSearchDescriptor attribute. The possible values are one or sub. The default value is a one level search. |
authenticationMethod |
Identifies the method of authentication used by the client. The default is none (anonymous). See Choosing Authentication Methods for more information. |
credentialLevel |
Identifies the type of credentials a client should use to authenticate. The choices are anonymous, proxy, or self (also known as per user). The default is anonymous. |
serviceSearchDescriptor |
Defines how and where a client should search for a naming database, for example, if the client should look in one or more points in the DIT. By default no SSDs are defined. |
serviceAuthenticationMethod |
Authentication method used by a client for the specified service. By default, no service authentication methods are defined. If a service does not have serviceAuthenticationMethod defined, it will default to the value of authenticationMethod. |
attributeMap |
Attribute mappings used by client. By default no attributeMap is defined. |
objectclassMap |
Object class mappings used by client. By default no objectclassMap is defined. |
searchTimeLimit |
Maximum time [in seconds] a client should allow for a search to complete before timing out. This does not affect the time the LDAP server will allow for a search to complete. The default value is 30 seconds. |
bindTimeLimit |
Maximum time in seconds a client should allow to bind with a server before timing out. Default value is 30 seconds. |
followReferrals |
Specifies whether a client should follow an LDAP referral. Possible values TRUE or FALSE. The default value is TRUE. |
profileTTL |
Time between refreshes of the client profile from the LDAP server by the ldap_cachemgr(1M). Default is 43200 seconds or 12 hours. If given a value of 0, the profile will never be refreshed. |