

server_osgi_ad.xml
java.naming.security.authentication

Specifies the authentication methods. Only simple is currently supported.

java.naming.security.principal

Specifies the authentication principal. By default, ApacheDS sets this value to uid=admin,ou=system, but an optional java.naming.security.principal.alias= can be specified to ease integration. When this alias is received for authentication, it is treated exactly as uid=admin,ou=system.

maxThreads

Specifies the maximum number of requests that can be processed concurrently for all activated connectors that a single connector server hosts. The default value of 200 matches the Provisioning Server configuration.

If you increase this value, consider also increasing other configuration settings. For example, you can change the heap space for the Java Virtual Machine or the "ulimit -n" setting for open files on Solaris.

Note: For more information, see Configure CA IAM CS to Work Under Heavy Loads (UNIX Only).

ldapPort

Specifies the port on which CA IAM CS listens for insecure connections. Set the port to one of the recommended ports unless many connector servers run on the same computer. Where a secure port is configured, use the secure port instead.

The insecure port can be useful for debugging purposes. By default, CA IAM CS uses only ldapsPort.

Set the port to one of the following port numbers:

ldapsPort

Specifies the port on which CA IAM CS listens for secure connections. The ldapsPort, with associated properties enableLdaps, ldapsCertificateFile, and ldapsCertificatePassword, must be a different port from the one chosen for ldapPort. Traffic on this port is secured using the configured certificate and the Transport Layer Security (TLS) protocol.

ldapsPort can also be useful for debugging. Set the logging level in the log4j.properties file to trace LDAP requests as they are delivered to the connector server.

Set the port to one of the following port numbers:

The ldapsCertificateFile is configured to reference a Java keystore containing the standard IM Provisioning Server certificate. The default ldapsCertificatePassword was set during installation.

bootstrapSchemas

Specifies which LDAP schemas the connector server knows. This property incorporates schemas which have been converted to Java objects by the ApacheDS build process.

You can load additional OpenLDAP-formatted schema files (see http://www.openldap.org/doc/admin23/schema.html) by placing them in the conf directory (like eta_dyn_openldap.schema) or, ideally, by contributing them from the conf/ directory within a specific connector's JCS-connector-*.jar file (refer to the SDK connector's conf/etaeta_sdk_openldap.schema _nds_openldap.schema, registered through its conf/connector.xml descriptor in the jcs-connector-sdk.jar sample connector).

ldapsCertificateFile

Specifies the path to an LDAPS certificate store for CA IAM CS. This store contains all the certificates that CA IAM CS uses to verify its identity during inbound LDAPS (TLS) connections. At least one certificate with an accompanying private key issued to represent CA IAM CS is placed in this store.

To change this value, add it to server_osgi_shared.xml. Values in this file overwrite any in server_osgi_ad.xml.

ldapsCertificatePassword

Specifies the password protecting the certificate store specified in ldapsCertificateFile.

The password can be either cleartext or obfuscated. The obfuscated form is:

{ALGORITHM}ciphertext

where ALGORITHM is typically set to 'AES'. For example, {AES}LQpBXeIjOMGSsGLU

See The Password Tool.

interceptorConfigurations

Specifies any other standard ApacheDS interceptor services. The interceptor services that CA IAM CS does not require have been deactivated.
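
The following check is an added example, not part of the CA IAM CS product or its documentation. It applies the constraints stated above for java.naming.security.authentication, ldapPort, ldapsPort, ldapsCertificatePassword and maxThreads to property values that have already been extracted from server_osgi_ad.xml. The function names, severity labels and sample values are assumptions made for illustration, and reading the XML file itself is left out because its layout is not shown on this page.

```python
import re

# Obfuscated form described above: {ALGORITHM}ciphertext, for example {AES}...
# A cleartext password that itself begins with "{...}" would be misread as obfuscated.
OBFUSCATED = re.compile(r"^\{([A-Za-z0-9_-]+)\}(.+)$")

def password_form(value):
    """Return ('obfuscated', ALGORITHM) or ('cleartext', None)."""
    m = OBFUSCATED.match(value)
    return ("obfuscated", m.group(1)) if m else ("cleartext", None)

def audit(props):
    """props maps property name -> string value (hypothetical pre-extracted input)."""
    findings = []
    auth = props.get("java.naming.security.authentication")
    if auth is not None and auth != "simple":
        findings.append(("error", "java.naming.security.authentication",
                         "only 'simple' is supported"))
    ldap, ldaps = props.get("ldapPort"), props.get("ldapsPort")
    if ldap is not None:
        findings.append(("warn", "ldapPort",
                         "insecure listener configured; use ldapsPort where possible"))
        if ldap == ldaps:
            findings.append(("error", "ldapPort", "must differ from ldapsPort"))
    pw = props.get("ldapsCertificatePassword")
    if pw is not None and password_form(pw)[0] == "cleartext":
        findings.append(("warn", "ldapsCertificatePassword",
                         "stored as cleartext; see The Password Tool"))
    threads = props.get("maxThreads")
    if threads is not None and int(threads) > 200:
        findings.append(("info", "maxThreads",
                         "above default of 200; review JVM heap and ulimit -n"))
    return findings

# Constructed sample values, not taken from a real installation.
SAMPLE = {
    "java.naming.security.authentication": "simple",
    "ldapPort": "10636",
    "ldapsPort": "10636",
    "ldapsCertificatePassword": "changeit",
    "maxThreads": "400",
}

if __name__ == "__main__":
    for severity, name, message in audit(SAMPLE):
        print(f"{severity:5} {name}: {message}")
```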