HP COMPAQ USB 3-BUTTON User Manual

July 2001 158E-0701A-WWEN Prepared by: Industry Standard Server Division

Enabling LDAP Authentication on Compaq TaskSmart C-Series

Compaq Computer Corporation

Contents

LDAP Authentication on

TaskSmart C-Series Servers...... 3

Edit records.config..................... 3

How to Customize the

Authentication Dialogue Box..... 4

LDAP Servers Supported........... 4

Openldap .................................. 4

Netscape Directory Server

4.13 ........................................... 4

Netscape Directory Server

SSL ........................................... 5

Required Equipment................... 6

Diagram of Network Configuration (Transparent

Proxy, L4 Switch)........................ 7

Servers

Abstract: This document was created to assist in the enabling of Lightweight Directory Access Protocol (LDAP) authentication on TaskSmart C-Series (TaskSmart C4000 series) servers.

Enabling LDAP Authentication on Compaq TaskSmart C-Series Servers 2

Notice

Compaq, the Compaq logo and TaskSmart are trademarks of Compaq Information Technologies Group, L.P. Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation in the United States and other countries. Inktomi Traffic Engine is a trademark of Inktomi. All other product names mentioned herein may be trademarks of their respective companies.

Compaq shall not be liable for technical or editorial errors or omissions contained herein. The information in this document is provided “as is” without warranty of any kind and is subject to change without notice. The warranties for Compaq products are set forth in the express limited warranty statements accompanying such products. Nothing herein should be construed as constituting an additional warranty.

158E-0701A-WWEN

Enabling LDAP Authentication on Compaq TaskSmart C-Series Servers 3

LDAP Authentication on TaskSmart C-Series Servers

LDAP authentication via proxy server is an important security option offered on Compaq TaskSmart™ C-Series servers. The administrator of the network can use an existing directory service (for example, users on Microsoft Windows NT domain can sync with a Netscape Directory Server) by supporting asynchronous bind requests to an LDAP server. This process is discussed in the Compaq TaskSmart C-Series Server Administration Guide (Powered by Inktomi Traffic Server).

Edit records.config

The file, records.config, is found in the /home/inktomi/x.x.x/config directory, where x.x.x represents the version of your Traffic Server, and can be modified using a Telnet session to the TaskSmart C-Series server.

To enable LDAP authentication for security on the Traffic Server, the following strings must be modified:

IMPORTANT: Modify strings by using the VI or PICO editors.

• CONFIG proxy.config.ldap.auth.enabled INT 1 (changed from default 0)

• CONFIG proxy.config.ldap.proc.ldap.server.name STRING frank.com (The administrator

can place a physical address of LDAP server into this variable, for example, 192.168.1.6.)

• CONFIG proxy.config.ldap.proc.ldap.server.port INT 389 (LDAP port 389)

• CONFIG proxy.config.ldap.base.dn STRING o=CORAL (DN or suffix on Netscape

Directory Server; ensure format is correct.)

• CONFIG proxy.config.ldap.uid_filter STRING uid

• CONFIG proxy.config.body_factory.response_suppression_mode INT 0 (defaults to 2,

ensure this mode is turned off)

Exit your editor, and then save changes. Stop and restart the Traffic Server service using the following command lines:

/home/inktomi/x.x.x/bin/stop_traffic_server /home/inktomi/x.x.x/bin/start_traffic_server

Where x.x.x represents the version of your Traffic Server.

158E-0701A-WWEN

+ 4 hidden pages