Previous Topic: The uxauth.ini FileNext Topic: agent


ad

The [ad] section contains Active Directory tokens with the parameters that you entered during installation.

ad_domain

Defines the name of the Active Directory domain.

Note: Do not manually edit the value of this configuration setting. Use the uxconsole -register utility to set the value of this configuration setting.

ad_gc_port

Specifies the port that the Active Directory Global Catalog service uses.

Default: 3268

ad_site

Defines the name of the Active Directory site that contains the DCs that the UNIX host uses to communicate with Active Directory.

Any values in the lookup_dc_list override the value of this configuration setting. The UNIX host does not communicate with any DC listed in the ignore_dc_list configuration setting.

Note: Do not manually edit the value of this configuration setting. Use the uxconsole -register utility to set the value of this configuration setting.

Default: none

base_dn

Defines the base_dn of the Active Directory server. CA ControlMinder automatically sets the value of this configuration setting.

cache_cleanup_interval

Specifies the cleanup interval, in hours to clean up the local users and group cache for users that are removed from partner domains with one-way trust with the registered domain. This parameter is ignored if the registration domain has no partners with one-way trust.

Value: Any positive integer.

Default: 24

Example: cache_cleanup_interval = 24

cache_cleanup_startup_time

Specifies the start time to clean up the local users and group cache for users that are removed from partner domains with one-way trust with the registered domain. This parameter is ignored if the registration domain has no partners with one-way trust.

Value: Any integer from 0 through 23.

Default: 3 (cleanup starts at 3am)

Example: cache_cleanup_startup_time = 3

computer_container

Defines the location of the UNIX host in Active Directory.

Default: cn=Computers

domain_query_order

Specifies the order in which UNAB queries Active Directory domains for users and groups.

Options: none-no order specified; comma separated list of Active Directory domains

Default: none

group_container

Specifies the base entry to search for UNIX users in Active Directory.

Limits: container name (cn=groups), ROOT for the complete Active Directory query.

Default: ROOT

group_custom_filter

Specifies a custom search filter to apply during groups search in Active Directory.

Example: gidNumber=*

Default: none

ignore_dc_list

Specifies the Active Directory domain controllers that are ignored for LDAP connection.

Options: none, comma separated list of fully qualified host names

Default: none

ignore_domain_list

Specifies the Active Directory domains that UNAB ignores when it queries users and groups.

Options: none - query current and all trusted domains; all - do not query trusted domains; a comma separated list of domains to ignore.

Default: none

ignore_group_container

Specifies the Active Directory group containers to ignore. Containers are defined by their Distinguished Names, comma separated.

Limits: none, comma separated list of distinguished names

Default: none

ignore_user_container

Specifies the Active Directory user containers to ignore. Containers are defined by their Distinguished Names, comma separated.

Limits: none, comma separated list of distinguished names

Default: none

ldap_port

Defines the port the Active Directory LDAP service uses.

Default: 389

lookup_dc_list

Specifies the Active Directory domain controllers that are used for LDAP connection. If you specify a list of domain controllers, UNAB uses the specified domain controllers only. If you do not specify the DCs to use, UNAB discovers the Active Directory site that is closest to the physical location of the endpoint and communicates with DCs in the discovered site.

Options: none, comma separated list of fully qualified host names.

Default: none

lookup_domain_list

Specifies the Active Directory domains that established a bi-directional trust with the domain that you registered UNAB.

Options: none,UNAB automatically discovers the trusted domains, comma separated list of trusted domains

Default: none

user_container

Specifies the base entry to search for UNIX users in Active Directory.

Limits: container name, ROOT for complete Active Directory query.

Default: ROOT

user_custom_filter

Specifies a custom search filter to apply during users search in Active Directory.

Default: none