Administration Guide › Tools to Manage CA Directory › DSA Console › Specify Which Users Can Connect to a DSA Console
Specify Which Users Can Connect to a DSA Console
You can specify which users can connect to a DSA console.
To specify which users can connect to a DSA Console
- Ensure that the DSA has a local or remote console port set up and working correctly.
- Stop the DSA.
- (Optional) Create one or more roles, containing users you want to give access to.
- Add the following command to the DSA's settings configuration file:
set dxconsole-users = [users], [roles];
- users
Specifies the users who can connect to this DSA's console, as a comma-separated list of DNs.
- roles
Specifies the roles which can connect to this DSA's console, as a comma-separated list of DNs.
- Save the changed configuration file.
- Start the DSA.
Example: Set Up the Democorp DSA to Allow Directory Users to Connect through a console
This example shows how to allow users in the Democorp directory to connect to the DSA.
- Add the following commands to the Democorp DSA's settings file:
set dxconsole-users = <c AU><o Democorp><ou Corporate> <ou Administration><cn "Craig Link">,<c AU><o Democorp><ou Roles>;
set role-subtree = <c AU><o Democorp><cn Roles>;
set use-roles=true;
- Use JXweb to add passwords to the following entries in the Democorp DSA:
- cn=Nadia Kite,ou=Administration,ou=Corporate,o=Democorp,c=AU
- cn=Craig Link,ou=Administration,ou=Corporate,o=Democorp,c=AU
- Use JXweb to create a new role with one member as follows:
- Create the following entry with an object class of groupOfNames:
- Add the following DN to the member field:
- cn=Nadia Kite,ou=Administration,ou=Corporate,o=Democorp,c=AU
- Reinitialize the Democorp DSA by running the following command as user dsa:
dxserver init democorp
You are now ready to test the DSA console login:
- Try to use the DSA console to connect to the Democorp DSA using the following credentials:
- User: cn=Craig Link,ou=Administration,ou=Corporate,o=Democorp,c=AU
- Password: Use the password you created for Craig Link in Step 2.
The login should work.
- Try to use the DSA console to connect to the Democorp DSA using the following credentials:
- User: cn=Nadia Kite,ou=Administration,ou=Corporate,o=Democorp,c=AU
- Password: Use the password you created for Craig Link in Step 2.
The login should work.
- Try to use the DSA console to connect to the Democorp DSA using the following credentials:
- User: cn=John Smith
- Password: password
The login should not work.