Sun Java System Directory Server Enterprise Edition 6.0 Migration Guide

Mapping Bind Forwarding

Directory Proxy Server 5 bind forwarding is used to determine whether to pass a bind request on to an LDAP server or to reject the bind request and close the client's connection. Directory Proxy Server 6.0 forwards either all bind requests or no bind requests. However, by setting the allowed-auth-methods connection handler property, successful binds can be classified into connection handlers, according to the authentication criteria. Directory Proxy Server 6.0 can be configured to reject all requests from a specific connection handler, providing the same functionality as Directory Proxy Server 5 bind forwarding.

In Iplanet Directory Access Router 5.0 (IDAR) these configuration attributes are stored under ids-proxy-con-Name=group-name,ou=groups,ou=pd2,ou=iDAR,o=services. In Directory Proxy Server 5.2, these configuration attributes are stored under ou=groups,cn=user-defined-name,ou=dar-config,o=NetscapeRoot

The following table maps the Directory Proxy Server 5 bind forwarding attributes to the corresponding Directory Proxy Server 6 connection handler property settings.

Table 6–6 Mapping of Directory Proxy Server 5 Bind Forwarding Attributes to Directory Proxy Server 6 Connection Handler Property Settings

Directory Proxy Server 5 Attribute 

Directory Proxy Server 6 Property 

ids-proxy-con-bind-name

No equivalent 

ids-proxy-con-permit-auth-none

allowed-auth-methods:anonymous

ids-proxy-con-permit-auth-simple

allowed-auth-methods:simple

ids-proxy-con-permit-auth-sasl

allowed-auth-methods:sasl