beautypg.com

Warning, Nsslapd-saslpath – Red Hat 8.1 User Manual

Page 44

background image

attribute. When viewed from the server console, this attribute shows the value *****. When viewed
from the dse.ldif file, this attribute shows the encryption method followed by the encrypted string of
the password. The example shows the password as displayed in the dse.ldif file, not the actual
password.

WARNING

When the root DN is configured at server setup, a root password is required. However, it is
possible for the root password to be deleted from dse.ldif by directly editing the file. In this
situation, the root DN can only obtain the same access to the directory is allowed for anonymous
access. Always make sure that a root password is defined in dse.ldif when a root DN is
configured for the database. The pwdhash command-line utility can create a new root password.
For more information, see

Section 7.3.12, “pwdhash (Prints Encrypted Passwords)”

.

Parameter

Description

Entry DN

cn=config

Valid Values

Any valid password encrypted by any one of the
encryption methods which are described in

Section 2.3.1.142, “passwordStorageScheme
(Password Storage Scheme)”

.

Default Value
Syntax

DirectoryString {encryption_method
}encrypted_Password

Example

nsslapd-rootpw: {SSHA}9Eko69APCJfF

2.3.1.94 . nsslapd-rootpwstoragescheme (Root Password Storage Scheme)

This attribute sets the encryption method used for the root password.

Parameter

Description

Entry DN

cn=config

Valid Values

Any encryption method as described in

Section 2.3.1.142, “passwordStorageScheme
(Password Storage Scheme)”

.

Default Value

SSHA

Syntax

DirectoryString

Example

nsslapd-rootpwstoragescheme: SSHA

2.3.1.95. nsslapd-saslpath

Sets the absolute path to the directory containing the Cyrus-SASL SASL2 plug-ins. On HP-UX systems,
the Directory Server cannot use the system SASL libraries because they are either not provided or are
not the correct version. Setting this attribute allows the server to use custom or non-standard SASL
plug-in libraries. This is usually set correctly during installation, and Red Hat strongly recommends not
changing this attribute. If the attribute is not present or the value is empty, this means the Directory
Server is using the system provided SASL plug-in libraries which are the correct version.

If this parameter is set, the server uses the specified path for loading SASL plugins. If this parameter is
not set, the server uses the SASL_PATH environment variable. If neither nsslapd-saslpath or
SASL_PAT H are set, the server attempts to load SASL plugins from the default location,
/usr/lib/sasl2.

Changes made to this attribute will not take effect until the server is restarted.

Parameter

Description

Entry DN

cn=config

Valid Values

Path to plugins directory.

Default Value

Platform dependent

Syntax

DirectoryString

Example

nsslapd-saslpath: /usr/lib/sasl2

2.3.1.96. nsslapd-schema-ignore-trailing-spaces (Ignore Trailing Spaces in Object Class
Names)

Ignores trailing spaces in object class names. By default, the attribute is turned off. If the directory
contains entries with object class values that end in one or more spaces, turn this attribute on. It is
preferable to remove the trailing spaces because the LDAP standards do not allow them.

For performance reasons, server restart is required for changes to take effect.

4 4

Chapter 2. Core Server Configuration Reference