You have a problem of how to avoid initially sending the single secure key from the LDAP server to the LDAP client in plain text.
我们还有一个问题:如何防止出现以正文文本格式将密钥从LDAP服务器发送到 LDAP客户机上的情况。
In the above sections, you added the LDAP directories with default values and without customizing any LDAP attributes.
在上面的部分中,您添加了具有缺省值的LDAP目录,但并没有自定义任何ldap属性。
When using the LDAP directory, it is very common to have one master LDAP server and a few other LDAP replica servers, so as to achieve the load-balancing and high availability of the directory data.
在使用LDAP目录时,一种非常常见的配置是使用一个主 LDAP服务器和另外几个 LDAP副本服务器,这种配置可以实现目录数据的负载平衡和高可用性。
Basically an LDAP client can query an LDAP server to obtain any information about users therein.
基本上,LDAP客户机可以查询LDAP服务器来获得关于用户的任何信息。
There are policies and procedures in place to manage directory schema additions, deletions, and modifications in LDAP and only LDAP.
在LDAP并且仅在LDAP中,制定了用于管理目录架构的添加、删除和修改的策略和过程。
You can configure multiple LDAP plug-ins, with each one accessing a different LDAP directory server.
您可以配置多个LDAP插件,让每个插件访问一个不同的LDAP目录服务器。
However, this configuration does not offer the powerful query functionality provided by the LDAP plug-in with an LDAP directory, which is recommended for production environments.
但是,此配置无法提供LDAP插件使用 LDAP目录所提供的强大查询功能,而这是在生产环境中推荐的功能。
However, the users and groups managed in the LDAP directory accessed by the LDAP staff resolution plug-in must have a counterpart in the user registry.
然而,由LDAP人员解析插件访问的LDAP目录中管理的用户和组必须在用户注册中心具有对应的用户和组。
The LDAP authentication provider handles all communication with your back-end LDAP directory.
LDAP身份验证提供者处理所有与后端ldap目录的通信。
This is required, for example, for LDAP servers where each customer USES a different LDAP schema of his choice.
例如,这对于每个客户选用一个不同的LDAP模式的LDAP服务器而言非常必要。
Basically, an LDAP alias is an entry in a LDAP or X.500 directory that points to another entry in the directory hierarchy.
从根本上说,ldap别名是LDAP或X . 500目录中的一个条目,这个条目指向目录层次结构中的另一个条目。
Central authentication systems, like LDAP, generally require that LDAP enabled users and groups have consistent UIDs and GIDs across all servers that are LDAP connected.
LDAP等集中认证系统通常要求通过LDAP连接的所有服务器上启用LDAP的用户和组具有一致的UID和GID。
For example, when an LDAP server authenticates a user, the authentication authority is the LDAP server even though the LDAP server may be using SAML to communicate the authorization.
例如,当LDAP服务器对一个用户进行认证时,认证权威机构是LDAP服务器—即使LDAP服务器可能正在使用SAML来传送认证。
This article documents the way to make a non-IBM LDAP server behave similarly to an AIX LDAP server in terms of supporting AIX user management by extending these LDAP servers with AIX LDAP schema.
通过使用AIXLDAP 模式扩展这些 LDAP服务器可以实现 AIX用户管理的支持,本文说明了如何让非 IBM LDAP服务器以类似于 AIX LDAP 服务器的方式工作。
Please consult your LDAP documentation on how to install and configure the LDAP server.
关于如何安装和配置LDAP服务器,请参考 LDAP文档。
The PAM LDAP modules will be used to redirect authentication to the LDAP directory.
PAMLDAP模块可以用来将身份验证重定向到LDAP目录上。
This command automatically updates LDAP information to the required LDAP configuration files.
这个命令自动将LDAP信息更新到所需的LDAP配置文件。
The term "LDAP schema" usually refers to the collection of LDAP attributes and objectclasses.
术语“LDAP模式”通常指的是 LDAP属性和对象类的集合。
As stated earlier, you will configure the master KDC with two LDAP master servers and with no LDAP replica servers.
正如前面提到的,将用两个ldap主服务器配置主kdc,不使用LDAP副本服务器。
The scope of this article is to extend some non-IBM LDAP servers with AIX LDAP schema and to configure AIX to work with such servers.
本文的内容包括使用AIXLDAP模式扩展某些非IBM LDAP服务器,以及对 AIX 进行配置以便能够与这些服务器一同工作。
While there is no official statement about the support of LDAP servers it's safe to assume that all LDAP V3 compliant LDAP servers will work.
尽管对于支持的LDAP服务器没有官方声明,但是可以假设支持所有符合LDAPv3的LDAP服务器。
Now configure the slave KDC with the two LDAP master servers and three LDAP replica servers.
现在,用两个ldap主服务器和三个LDAP副本服务器配置从KDC。
A simple example is LDAP schema mismatches between different components that use LDAP services.
一个简单的例子是在使用LDAP服务的不同组件之间LDAP的规划不协调。
An LDAP realm authenticates users based on credentials stored on an LDAP server.
ldap域根据存储于LDAP服务器中的凭据对用户进行身份验证。
For more information on the LDAP directory backup commands, please refer to the LDAP manuals.
关于LDAP目录备份命令的更多信息,请参见ldap手册。
After obtaining all this information it's a good idea to verify some arbitrary LDAP client can connect to the LDAP via SSL.
获取所有这些信息之后,最好确认任意ldap客户机可以通过SSL连接LDAP服务器。
That is the reason that you will configure the slave KDC primarily with the master LDAP servers and with the LDAP replica as a fallback mechanism.
由于这个原因,要使用ldap主服务器配置从KDC并使用LDAP副本服务器作为备用机制。
This email address string is used as your criterion (or in LDAP terminology, search filter) for performing your LDAP lookup.
此邮件地址字符串被用作执行ldap查询的标准(用ldap术语来说是搜索过滤器)。
The usual JNDI syntax ldap://hostname:port applies here, for example "ldap://localhost:389".
通常的JNDI语法ldap://hostname:port适用于此处;例如“ldap://localhost:389”。
The usual JNDI syntax ldap://hostname:port applies here, for example "ldap://localhost:389".
通常的JNDI语法ldap://hostname:port适用于此处;例如“ldap://localhost:389”。
应用推荐