Exit Print View

Sun OpenDS Standard Edition 2.0 Administration Guide

Get PDF Book Print View

Document Information

Configuring the Directory Server

Managing Administration Traffic to the Server

Overview of the Administration Connector

Accessing Administrative Suffixes

To Configure the Administration Connector

Configuring the Directory Server With dsconfig

Overview of the dsconfig Command

Using dsconfig in Interactive Mode

Getting Help With dsconfig

Configuring a Directory Server Instance

To Display the Properties of a Component

To List Components

To Modify the Properties of a Component

To Modify the Values of a Multi-Valued Property

To Create a Component

To Delete a Component

Configuring the Connection Handlers

To Display All Connection Handlers

Configuring the LDAP Connection Handler

To Control Which Clients Have LDAP Access to the Directory Server

Configuring the LDIF Connection Handler

To Enable the JMX Alert Handler Through the LDIF Connection Handler

Configuring the JMX Connection Handler

To Change the Port on Which the Server Listens for JMX Connections

Configuring Plug-Ins With dsconfig

Overview of Plug-In Types

Modifying the Plug-In Configuration

To Display the List of Plug-Ins

To Create a New Plug-In

To Enable or Disable a Plug-In

To Display and Configure Plug-In Properties

To Configure Plug-In Invocation Order

Configuring Commands As Tasks

Utilities That Can Schedule Tasks

Controlling Which Tasks Can Be Run

Scheduling and Configuring Tasks

To Schedule a Task

To Schedule a Recurring Task

To Configure Task Notification

To Configure Task Dependencies

Managing and Monitoring Scheduled Tasks

To Obtain Information About Scheduled Tasks

To Cancel a Scheduled Task

To Cancel a Recurring Task

Managing the Directory Server With the Control Panel

To Start the Control Panel

To Specify the Trust Manager Provider and Trust Store Algorithm Used by the Control Panel

Configuring and Testing the DSML Gateway

Deploying the DSML Gateway

Deploying the DSML Gateway in Apache Tomcat

Deploying the DSML Gateway in Glassfish

Deploying the DSML Gateway in Sun Java System Web Server 7

Configuring the DSML Gateway

Confirming the DSML Gateway Deployment

Confirming the DSML Gateway Deployment with JXplorer

Confirming the DSML Gateway Deployment with the Directory Server Resource Kit

Configuring Security in the Directory Server

Managing Directory Data

Controlling Access To Data

Replicating Data

Managing Users and Groups

Directory Server Monitoring

Improving Performance

Advanced Administration

Configuring the LDAP Connection Handler

The following command displays the properties of the LDAP connection handler:

$ dsconfig "cn=directory manager" -w password -n get-connection-handler-prop \
  --handler-name "LDAP Connection Handler"

Property : Value(s)
allow-ldap-v2 : true
allow-start-tls : false
allowed-client : -
denied-client : -
enabled : true
keep-stats : true
key-manager-provider : -
listen-address :
listen-port : 1389
ssl-cert-nickname : server-cert
ssl-cipher-suite : -
ssl-client-auth-policy : optional
ssl-protocol : -
trust-manager-provider : -
use-ssl : false

To Control Which Clients Have LDAP Access to the Directory Server

You can specify a list of clients that may or may not access the directory server over LDAP. To do this, set the allowed-client or denied-client property of the LDAP connection handler. These properties take an IP address or subnetwork with subnetwork mask as values.

By default, these properties are not set and all clients are allowed access. Changes to these properties take effect immediately but do not interfere with connections that are already established.

This example permits access only to clients in the subnet mask