SAS Safety Scalable Performance Data Server 4.5 Manual Do Utilizador
Lightweight Directory Access Protocol (LDAP)
Authentication
Authentication
In SPD Server 4.5, clients can be authenticated by either the PSMGR password facility, or
by a Lightweight Directory Access Protocol (LDAP) Server that is running on the SPD
Server host. LDAP authentication integrates with the SPD Server password facility and
offers a centralized approach to User ID and password management. SPD Server clients
that use LDAP authentication should have accounts in the domain in which the LDAP and
SPD Servers are running. The User ID and password information must be stored on an
LDAP server that the SPD Server can access. The User ID must also be entered into the
SPD Server's password database through PSMGR or the SPD Server 4.5 SAS Management
Console Utility to record all other SPD User information.
by a Lightweight Directory Access Protocol (LDAP) Server that is running on the SPD
Server host. LDAP authentication integrates with the SPD Server password facility and
offers a centralized approach to User ID and password management. SPD Server clients
that use LDAP authentication should have accounts in the domain in which the LDAP and
SPD Servers are running. The User ID and password information must be stored on an
LDAP server that the SPD Server can access. The User ID must also be entered into the
SPD Server's password database through PSMGR or the SPD Server 4.5 SAS Management
Console Utility to record all other SPD User information.
When a client uses LDAP authentication to connect to an SPD Server, the LDAP server
that is configured in the SPD Server's parameter file receives the client's user name and
password. The LDAP server authenticates the client, then returns the result to the SPD
Server. After the client is verified, SPD Server uses the client's password database record
for all other SPD Server operations.
that is configured in the SPD Server's parameter file receives the client's user name and
password. The LDAP server authenticates the client, then returns the result to the SPD
Server. After the client is verified, SPD Server uses the client's password database record
for all other SPD Server operations.
To set up LDAP authentication, the following parameters must be added to the SPD Server's
spdsserv.parm file:
spdsserv.parm file:
Table 4.1 Parameters for the spdsserv.parm File
Parameter
Description
Values
Default Setting
(NO)LDAP:
directs user authentication
to LDAP Server
LDAP/NOLDAP
NOLDAP
LDAPSERVER:
LDAP Server IP address
a valid IP address
LOCAL_HOST
LDAPPORT:
LDAP Server port number
0-65536
LDAP_PORT
LDAPBINDDN:
LDAP bind distinguished name
char string
Null
The LDAP parameter turns on LDAP Authentication. If the LDAP parameter is present
during start up, the SPD Server creates a context for LDAP authentication.
during start up, the SPD Server creates a context for LDAP authentication.
The LDAPSERVER parameter specifies the network IP address, or the host machine for
the LDAP server. This is usually the same as the IP address of the SPD Server host. The
default value for LDAPSERVER is the IP address of the SPD Server host.
the LDAP server. This is usually the same as the IP address of the SPD Server host. The
default value for LDAPSERVER is the IP address of the SPD Server host.
The LDAPPORT parameter specifies the TCP/IP port that is used to communicate with
the LDAP server. This is usually the default "LOCAL_HOST" or port 389.
the LDAP server. This is usually the default "LOCAL_HOST" or port 389.
52
Chapter 4 • SPD Server Windows Installation Guide