Directory Proxy Server 5.2 groups are configured by setting the attributes of the ids-proxy-sch-NetworkGroup object class. These attributes can be mapped to properties of Directory Proxy Server 7.0 connection handlers, data sources and listeners. For a list of all the properties related to these objects, run the dpconf help-properties command, and search for the object. For example, to locate all the properties of a connection handler, run the following command:
$ dpconf help-properties | grep connection-handler
In Directory Proxy Server 5.2, these configuration attributes are stored under ou=groups,cn=user-defined-name,ou=dar-config,o=NetscapeRoot.
The following table maps Directory Proxy Server 5.2 network group attributes to the corresponding Directory Proxy Server 7.0 properties and describes how to set these properties by using the command line.
Table 7–4 Mapping of Network Group Attributes
Directory Proxy Server 5.2 Network Group Attribute |
Directory Proxy Server 7.0 Property |
---|---|
ids-proxy-con-Client |
domain-name-filters and ip-address-filters properties of a connection handler |
ids-proxy-con-include-property |
No equivalent |
ids-proxy-con-include-rule |
No equivalent |
ids-proxy-con-ssl-policy:ssl_required |
Set this as a connection handler property by using the following command: $ dpconf set-connection-handler-prop CONNECTION-HANDLER-NAME is-ssl-mandatory:true |
ids-proxy-con-ssl-policy:ssl_optional |
Set this as an LDAP data source property by using the following command: $ dpconf set-ldap-data-source-prop ds1 ssl-policy:client |
ids-proxy-con-ssl-policy:ssl_unavailable |
Set this as a connection handler property by using the following command: $ dpconf set-connection-handler-prop CONNECTION-HANDLER-NAME is-ssl-mandatory:false |
ids-proxy-con-tcp-no-delay |
Set this as a property for a specific listener port by using the following command: $ dpconf set-ldap-listener-prop use-tcp-no-delay:true |
ids-proxy-con-allow-multi-ldapv2–bind |
No equivalent |
ids-proxy-con-reverse-dns-lookup |
No equivalent |
ids-proxy-con-timeout |
This functionality exists but with less granularity than in Directory Proxy Server 5. Set this limit as a property for a specific listener port by using the following command: $ dpconf set-ldap-listener-prop connection-idle-timeout:value |