Novell LDAP Proxy 1.0 Administration Guide - NetIQ
The element can have the following child elements:

• : An explanation about the policy. This is an optional element used for reference purposes.

3.8 Handling Attribute OIDs in Policies

As indicated in RFC 4512 section 2.5, attributes can also be referred to by their OIDs. This means that policies can be easily bypassed when the incoming request refers to attributes by OID rather than by name.

LDAP Proxy provides a map file for default attribute names, called nlpschemaconf.xml, located in the /etc/opt/novell/ldapproxy/conf directory. This file contains maps between attribute names and OIDs for the default schema provided by directories such as Novell eDirectory, Active Directory, Sun ONE, IBM Tivoli, and Oracle OID.

However, OIDs related to custom schemas are not supported and need to be handled manually. For example, to add an attribute name OID map for attributeTypes “2.16.840.1.113719.1.1.4.1.59.12 NAME 'myattribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12”, add the following node to the nlpschemaconf.xml file:

myattribute

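Why the OID map matters for policy matching, shown as an added example that is not part of the guide and is not the proxy's own code: it builds an alias map from RFC 4512 attributeTypes values (the custom one quoted above plus the standard `cn`), resolves each requested attribute before comparing it with a deny list, and reports OIDs that have no map entry. The function names, the deny list and the sample requests are assumptions made for illustration.

```python
import re

# Constructed sample schema: the custom attributeTypes value quoted in
# section 3.8 plus one standard attribute, in RFC 4512 parenthesised form.
SCHEMA_DEFS = [
    "( 2.16.840.1.113719.1.1.4.1.59.12 NAME 'myattribute' "
    "SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )",
    "( 2.5.4.3 NAME ( 'cn' 'commonName' ) SUP name )",
]
OID_RE = re.compile(r"\d+(?:\.\d+)+")
DEF_RE = re.compile(
    r"\(\s*(\d+(?:\.\d+)+)\s+NAME\s+(?:'([^']+)'|\(((?:\s*'[^']+')+)\s*\))")


def build_alias_map(defs):
    """Map each OID and NAME alias (lower-cased) to one canonical name."""
    aliases = {}
    for text in defs:
        m = DEF_RE.match(text.strip())
        if not m:
            raise ValueError("unparsed attributeTypes value: " + text)
        names = [m.group(2)] if m.group(2) else re.findall(r"'([^']+)'", m.group(3))
        for key in [m.group(1)] + names:
            aliases[key.lower()] = names[0].lower()
    return aliases


def check_request(requested, deny, aliases):
    """Return (denied, unresolved) attribute descriptions from a request."""
    denied, unresolved = [], []
    for desc in requested:
        base = desc.split(";", 1)[0].strip().lower()  # drop ;options
        name = aliases.get(base, base)
        if name in deny:
            denied.append(desc)
        elif OID_RE.fullmatch(name):
            unresolved.append(desc)  # OID with no map entry: cannot be matched
    return denied, unresolved


def naive_check(requested, deny):
    """Name-only comparison, shown to illustrate what the OID form slips past."""
    return [d for d in requested if d.lower() in deny]
```

An OID that lands in `unresolved` is the custom-schema case the section describes: without a map entry it cannot be tied to any name a policy uses, so it needs a manual entry before policies can match it.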

3.9 Configuring Proxy Paths

The node is an optional node that defines the location of certain mandatory directories that are installed during proxy installation.

By default, the node is defined in the nlpconf.xml file as follows:

Configuration Parameters

The following elements and parameters are used to configure proxy paths:

• : The location of the conf directory. In the sample configuration, the location specified is /etc/opt/novell/ldapproxy/conf.
• : The location of the log file. In the sample configuration, the location specified is /var/opt/novell/ldapproxy/log.

3.10 Configuring Audit Events

LDAP Proxy enables you to monitor all the user activities that occur in the proxy. This helps you to track user activities including local activities such as LDAP requests, back-end server status, policy actions, configuration changes, and session details. This helps to detect and resolve potential problems before they arise, so that users are not denied access to critical services.