SAS Safety Scalable Performance Data Server 4.5 Manuel D’Utilisation
Table 3.1 Parameters for spdsserv.parm
Parameter Description
Values
Default Setting
(NO)LDAP:
directs user authentication
to LDAP Server
LDAP/NOLDAP
NOLDAP
LDAPSERVER:
LDAP Server IP address
a valid IP address
LOCAL_HOST
LDAPPORT:
LDAP Server port number
0-65536
LDAP_PORT
LDAPBINDMETH:
LDAP bind method
"LDAP_AUTH_SIMPLE"
"LDAP_AUTH_SASL"
Null
LDAPBINDDN:
LDAP bind distinguished name
char string
Null
The LDAP parameter turns on LDAP authentication. If the LDAP parameter is found
during start-up, the SPD Server creates a context for LDAP authentication.
during start-up, the SPD Server creates a context for LDAP authentication.
The LDAPSERVER parameter specifies a valid IP address, or the host machine for the
LDAP server. This is usually the same address as the IP address of the SPD Server host.
The default value for LDAPSERVER is the IP address of the SPD Server host.
LDAP server. This is usually the same address as the IP address of the SPD Server host.
The default value for LDAPSERVER is the IP address of the SPD Server host.
The LDAPPORT parameter specifies the TCP/IP port that is used to communicate with
the LDAP server. This is usually the default LOCAL_HOSTor port 389.
the LDAP server. This is usually the default LOCAL_HOSTor port 389.
The LDAPBINDMETH parameter controls the way SPD Server clients are authenticated
by the LDAP server. If it is found in the SPD Server parameter file, LDAPBINDMETH is
a character string whose value is either LDAP_AUTH_SIMPLE or LDAP_AUTH_SASL.
by the LDAP server. If it is found in the SPD Server parameter file, LDAPBINDMETH is
a character string whose value is either LDAP_AUTH_SIMPLE or LDAP_AUTH_SASL.
The default authentication method, LDAP_AUTH_SIMPLE, sends the SPD Server client's
user name and password to the LDAP server in clear text. LDAP_AUTH_SIMPLE should
not be used in a secure environment.
user name and password to the LDAP server in clear text. LDAP_AUTH_SIMPLE should
not be used in a secure environment.
When LDAPBINDMETH="LDAP_AUTH_SASL", the LDAP server authenticates SPD
Server clients with the Simple Authentication and Security Layer (SASL) method. SASL
is the preferred authentication method for secure environments. When authenticating with
SASL, the SPD Server specifies that the DIGEST-MD5 mechanism is used.
Server clients with the Simple Authentication and Security Layer (SASL) method. SASL
is the preferred authentication method for secure environments. When authenticating with
SASL, the SPD Server specifies that the DIGEST-MD5 mechanism is used.
DIGEST-MD5 is the most common LDAP authentication and is a requirement for all
Version 3 LDAP server products.
Version 3 LDAP server products.
The LDAPBINDDN parameter is the distinguished name (DN), or the location in the LDAP
Server's database where the client's information is stored. The form of this string is the
following:
Server's database where the client's information is stored. The form of this string is the
following:
"ID= , rdn1=RDN1, rdn2=RDN2, ...".
IDis the identifier for the relative distinguished name (RDN) of a user ID that exists in the
LDAP server database. The default value of the DN is the following:
LDAP server database. The default value of the DN is the following:
"uid= , dc=DOM1, dc=DOM2, dc=DOM3".
SPD Server Lightweight Directory Access Protocol (LDAP) Authentication
31