Exit Print View

Sun OpenDS Standard Edition 2.2 Administration Guide

Get PDF Book Print View

Document Information

Before You Start

Starting and Stopping Your Server Instance

Configuring the Server Instance

Configuring the Proxy Components

Configuring Security Between Clients and Servers

Configuring Security Between the Proxy and the Data Source

How the Proxy Manages Secure Connections

Modes of Secure Connection

Configuring Security Between the Proxy and Data Source Using dsconfig

To Configure Security Between the Proxy and Directory Servers Using dsconfig

StartTLS and the Proxy

Setting Access Control Using Network Group Criteria

Configuring Servers With the Control Panel

Managing Directory Data

Replicating Directory Data

Controlling Access To Data

Managing Users and Groups

Monitoring Sun OpenDS Standard Edition

Improving Performance

Advanced Administration

Configuring Security Between the Proxy and the Data Source

Security configuration between the proxy and the remote LDAP servers can be configured as follows:

For security management, network groups can be enabled to classify incoming client connections. You can use network groups to restrict operations that can be performed based on how the connection has been classified. Use this functionality, for example, to restrict access to clients that connect from a specified IP address only. For more information, see Configuring Network Groups.

For secure client authentication between the proxy and remote LDAP servers, the certificate of the proxy must be imported into the truststore of each remote LDAP server. In this case, for Sun OpenDS Standard Edition proxy, a keystore is mandatory. The keystore must be configured manually. For details, see Configuring Key Manager Providers.

The security of Sun OpenDS Standard Edition proxy does not bypass the back-end ACI.