Search This Blog
-
Join 1,806 other subscribers
Archives
- April 2014 (1)
- July 2013 (3)
- June 2013 (1)
- May 2013 (2)
- January 2013 (1)
- December 2012 (3)
- November 2012 (1)
- June 2012 (5)
- May 2012 (2)
- April 2012 (1)
- March 2012 (2)
- February 2012 (1)
- December 2011 (4)
- November 2011 (5)
- October 2011 (6)
- September 2011 (2)
- August 2011 (3)
- July 2011 (5)
- June 2011 (2)
- May 2011 (1)
- April 2011 (3)
- January 2011 (1)
- December 2010 (2)
- November 2010 (1)
- October 2010 (1)
- May 2010 (2)
- April 2010 (1)
- March 2010 (1)
- February 2010 (1)
- October 2009 (2)
- September 2009 (2)
- November 2008 (1)
LDAP
LDAP API
Pages
Categories
-
Recent Posts
Category Archives: LDAP
LDAP: Hardening Server Security (so administrators can sleep at night)
Client Connections Limit the total number of concurrent sessions to the server and limit the number of concurrent sessions per client Set size-limit, lookthrough-limit, and time-limit per client appropriate to client requirements (be aware of the server’s default settings, often … Continue reading
LDAP: Client Connection Policies
Introduction A Client Connection Policy controls the portions of the DIT a client can access and resource limits on what clients can do with data stored on the server. Clients are subject to one Client Connection Policy at a given … Continue reading
Posted in computing, LDAP, UnboundID
Tagged client connection policy, connection criteria, LDAP, UnboundID Directory Server
Leave a comment
LDAP: Administrative users
Introduction In an UnboundID LDAP directory server, the “Root DN” (root user) accounts have an extensive set of privileges in the default distribution of the server products; therefore the root DN account(s) should not be used in normal operation except … Continue reading
Posted in computing, LDAP, UnboundID
Tagged access control instruction, dsconfig, LDAP, ldapmodify, rootDN
Leave a comment
LDAP: The MultiUpdateExtendedRequest
The UnboundID Directory Server supports an extended request called the MultiUpdateExtendedRequest. This extended request packages multiple updates in a single request and provides control over the behavior of the server when errors arise during the processing of the extended request. … Continue reading
ldapmodify: be careful with attribute options
Clients must include the attribute options when using an attribute name following a mod-spec. Consider the following LDIF: # wrong dn: cn=test,c=us changetype: modify replace: your-attribute-name your-attribute-name;binary: binary-stuff your-attribute-name must contain the option (binary in this case). Here is the … Continue reading
Diaries, Triumphs, Failures, and Rants 