Novell LDAP Proxy 1.0 Administration Guide - NetIQ

More documents

Recommendations

Info

Both the and elements must have the following attribute: • id-load-balancer: The identity of the load balancer (back-end server group). This is a mandatory attribute and its value is used to refer to the load balancer. It must be a unique alphanumeric value. In the sample configuration, the back-end server is identified as connld. Both the and elements must have the following child element: • : The back-end server to be grouped in the defined back-end server group. The term ref in this element indicates that this element is actually a pointer to a back-end server. For instance, the sample configuration indicates that the specified connection-based server group is made up of the Backend1 and Backend3 back-end servers. 3.6.2 Example In this example, two back-end server groups are defined as connld and dynld. Connld indicates that a connection-based load balancing is performed between Backend1 and Backend3. Dynld indicates that dynamic load balancing is performed between Backend2 and Backend4. 3.7 Configuring Additional Policies The node of the XML configuration file lists all the policies configured for the LDAP Proxy 1. All the additional policies must be defined in this node. Every policy defined while configuring the proxy has a rule associated with it. The rule is made up of the following elements: • A condition or a group of conditions. • An action that must be performed on the incoming request and outgoing responses if the condition evaluates to true. • A default action that must be performed if the condition evaluates to false. You can configure the following policies for LDAP Proxy: • Section 3.7.1, “Client Network Policy,” on page 35 • Section 3.7.2, “Operation Restriction Policy,” on page 38 • Section 3.7.3, “Map Schema Policy,” on page 40 34 Novell LDAP Proxy 1.0 Administration Guide
• Section 3.7.4, “Search Request Policy,” on page 41 • Section 3.7.5, “Connection Route Policy,” on page 45 • Section 3.7.6, “Replace String Policy,” on page 48 3.7.1 Client Network Policy The Client Network policy must be defined in the node of the XML configuration file. For instance, assume that you want to define a simple Client Network policy that has one condition and its relevant action and default action. Any incoming client requests from a network with an IP address equal to 192.168.1.0 and with subnet bits equal to 24 must be allowed to establish a connection. You can define the configuration as follows: To add a Client Network policy: 1 Open the nlpconf.xml file from the /etc/opt/novell/ldapproxy/conf directory in any XML editor. 2 To add a Client Network policy, create an instance within the node. Use the sample configuration as a pattern. You must define the policy as the first policy in the node. 3 Define a name to identify the policy, a set of conditions, an action, and a default action for the policy. For more information on the elements and attributes that are used to define a Client Network policy, refer to “Configuring a Client Network Policy” on page 35. 4 To add more Client Network policies, repeat Step 2 to Step 3. 5 Save the nlpconf.xml file. Configuring a Client Network Policy The following elements and parameters are used to configure Client Network policies: Manually Configuring Novell LDAP Proxy 35
Page 1 and 2: AUTHORIZED DOCUMENTATION Administra
Page 4 and 5: 4 Novell LDAP Proxy 1.0 Administrat
Page 6 and 7: 4.2 Basic Configuration . . . . . .
Page 8 and 9: 8 Novell LDAP Proxy 1.0 Administrat
Page 10 and 11: 1.2 Benefits of Using LDAP Proxy Th
Page 12 and 13: • The Operation Restriction polic
Page 14 and 15: 14 Novell LDAP Proxy 1.0 Administra
Page 16 and 17: • Acts as the directory firewall
Page 18 and 19: In dynamic load balancing, the load
Page 20 and 21: Client Network Policy The Client Ne
Page 24 and 25: 3.2 Sample XML Files and XML Format
Page 26 and 27: For instance, assume that you want
Page 28 and 29: 3.4.2 Examples • “Example 1”
Page 30 and 31: 2 To add a back-end server to the e
Page 32 and 33: 3.5.2 Examples • “Example 1”
Page 36 and 37: id-policy: The identity of the poli
Page 38 and 39: Example 2 specifies a Client Networ
Page 40 and 41: Example This example specifies that
Page 42 and 43: To add a Search Request policy: 1 O
Page 44 and 45: Examples • : Restricts some part/
Page 46 and 47: To add a Connection Route policy: 1
Page 48 and 49: Any policy that is referred in the
Page 50 and 51: Configuring a Replace String Policy
Page 52 and 53: The proxy configuration allows you
Page 54 and 55: Category Event-id Description 14425
Page 56 and 57: Replace username with the user DN f
Page 58 and 59: • libXcomposite • gtk2 Hardware
Page 60 and 61: The Novell LDAP Proxy Manager windo
Page 62 and 63: 5 To add a listener, click the icon
Page 64 and 65: The Add New Backend Server window i
Page 66 and 67: 5 To add a server group, click the
Page 68 and 69: 5c Specify a name to identify the l
Page 70 and 71: 7d Specify the following: • Load
Page 74 and 75: 3b On the Proxy Server Details page
Page 76 and 77: The graph displays the live monitor
Page 78 and 79: If the Trend Manager tool and proxy
Page 80 and 81: Event Category Event Description Cu
Page 82 and 83: Event Category Event Description Av
Page 84 and 85:
• Client address: Logs the client
Page 86 and 87:
Figure A-1 Sample Directory Informa
Page 88 and 89:
Error Code 0x81530102 Remedy Cause:
Page 90 and 91:
Error Code 0x815B0105 Remedy Cause:
Page 92:
Error Code 0x815F0106 Remedy Cause:
show all

Novell LDAP Proxy 1.0 Administration Guide - NetIQ

Create successful ePaper yourself

Delete template?

Save as template?