beautypg.com

Cn=features, Cn=mapping tree, Cn=features 2.3.5. cn=mapping tree – Red Hat 8.1 User Manual

Page 61

background image

Parameter

Description

Entry DN

cn=encryption, cn=config

Valid Values

For SSLv3:

rsa_null_md5
rsa_rc4_128_md5
rsa_rc4_40_md5
rsa_rc2_40_md5
rsa_des_sha
rsa_fips_des_sha
rsa_3des_sha
rsa_fips_3des_sha

For TLS:

tls_rsa_export1024_with_rc4_56_sha
tls_rsa_export1024_with_des_cbc_sha

Default Value
Syntax

DirectoryString
Use the plus (+) symbol to enable or minus (-)
symbol to disable, followed by the ciphers. Blank
spaces are not allowed in the list of ciphers.

To enable all ciphers — except rsa_null_md5,
which must be specifically called — specify +all.

Example

nsslapd-SSL3ciphers:
+RSA_NULL_MD5,+RC4_56_SHA,-RC4_56_SHA

For more information, see the "Managing SSL" chapter in the Directory Server Administrator's Guide

2.3.4 . cn=features

There are not attributes for the cn=features entry itself. This entry is only used as a parent container
entry, with the nsContainer object class.

The child entries contain an oid attribute to identify the feature and the directoryServerFeature
object class, plus optional identifying information about the feature, such as specific ACLs. For example:

dn: oid=2.16.840.1.113730.3.4.9,cn=features,cn=config
objectClass: top
objectClass: directoryServerFeature
oid: 2.16.840.1.113730.3.4.9
cn: VLV Request Control
aci: (targetattr != "aci")(version 3.0; acl "VLV Request Control"; allow( read,
search, compare, proxy ) userdn = "ldap:///all";)
creatorsName: cn=server,cn=plugins,cn=config
modifiersName: cn=server,cn=plugins,cn=config
createTimestamp: 20090129132357Z
modifyTimestamp: 20090129132357Z

2.3.4 .1. oid

The oid attribute contains an object identifier assigned to a directory service feature. oid is used as the
naming attribute for these directory features.

OID

2.16.840.1.113730.3.1.215

Syntax

DirectoryString

Multi- or Single-Valued

Multi-valued

Defined in

Directory Server

2.3.5. cn=mapping tree

Configuration attributes for suffixes, replication, and Windows synchronization are stored under
cn=m apping tree,cn=config. Configuration attributes related to suffixes are found under the
suffix subentry cn=suffix, cn=mapping tree,cn=config.
For example, a suffix is the root entry in the directory tree, such as dc=example,dc=com.
Replication configuration attributes are stored under cn=replica, cn=suffix, cn=mapping
tree,cn=config.
Replication agreement attributes are stored under cn=replicationAgreementName, cn=replica,
cn=suffix,cn=m apping tree,cn=config.

Red Hat Directory Server 8.1 Configuration and Command Reference

61