Previous Topic: User Credentials on DXlink Binds

Next Topic: Automatically Authorizing LDAP Operations

Setting User Credentials for LDAP Operations

If either of the following is true, you can set the credentials used in the DXlink connections in the LDAP server configuration file:

The LDAP DSA name must be a valid entry in the LDAP server because all requests from the backbone use the permissions that are granted to this entry.

The DSA in the previous example expects credentials to be returned on the bind confirm sent by the LDAP server. If no credentials are returned, then the bind is rejected.

The knowledge reference of the LDAP server can include the trust flag no-server-credentials, which indicates to the DSA that the LDAP server will not return credentials on a bind.

When this flag is set, then the DSA accepts a bind confirm result returned from the LDAP server if it does not include credentials, as in the following example:

set dsa LDAP1 = {
...
trust-flags = no-server-credentials
...
 };