Use this task to configure the Lightweight Directory Access Protocol (LDAP) server, configure the client on the cluster node, and establish a connection between the server and client.
LDAP is a standard method for accessing and updating information in a directory, and is used by the cluster to keep authentication, group, and user information common across the clusters.
The connection that you configure uses the Secure Sockets Layer (SSL) key database for communications.
An existing LDAP server connection cannot be modified. To change it, disconnect from the existing LDAP server and create a new connection.
Use a comma to separate the host names for an existing connection.
The DN you specify must exist on the LDAP server.
The ability to perform operations on entries in the LDAP server database from the LDAP client depends on the access permissions granted on the LDAP server to the DN that is used to bind.
For example, cn=admin, cn=proxy, o=ibm, cn=user, ou=people, cn=aixdata. The default value is cn=admin.
The password you use must match the password on the LDAP server for the specified DN.
For example, cn=aixdata, o=ibm. The default value is cn=aixdata, o=ibm.
The default port number is 636, which is the standard port for SSL communications with LDAP servers.
The default value is rfc2307aix. This value indicates that the LDAP server must be configured to use RFC 2307 and the auxiliary AIX® schema, which provides full AIX attribute support.
If a password is not specified, a password stash file is assumed to exist with the same file specification as the key path, but with an extension of .sth.
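The stash-file rule above can be checked before the connection is created. This is an added example, not part of the original documentation: the function names and sample paths are hypothetical, and the permission check is an added hardening assumption, because anyone who can read the stash file can open the key database.

```shell
#!/bin/sh
# Added example: pre-flight check for the SSL key database settings.
# Function names are hypothetical; they are not part of any AIX tool.

# Derive the stash file name: same file specification as the key path,
# with the extension replaced by .sth.
stash_path() {
    keypath=$1
    dir=$(dirname "$keypath")
    base=$(basename "$keypath")
    case $base in
        ?*.*) base=${base%.*} ;;   # drop the existing extension (e.g. .kdb)
    esac
    printf '%s/%s.sth\n' "$dir" "$base"
}

# check_keydb KEYPATH [PASSWORD]
# Return codes:
#   0 = settings are usable
#   1 = key database file is missing
#   2 = no password given and no stash file next to the key database
#   3 = stash file is accessible to group or others (assumed policy)
check_keydb() {
    keypath=$1
    password=${2-}
    [ -f "$keypath" ] || return 1
    # An explicit password means the stash file is not consulted.
    [ -n "$password" ] && return 0
    stash=$(stash_path "$keypath")
    [ -f "$stash" ] || return 2
    # Characters 5-10 of the ls mode string are the group and other bits.
    mode=$(ls -ldL "$stash" | cut -c5-10)
    [ "$mode" = "------" ] || return 3
    return 0
}
```

Run `check_keydb` with the key path alone to validate the stash-file case, or with a second argument when a password is supplied.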
For more information about adding LDAP server and client connections, see the Creating an LDAP connection topic in the AIX Information Center.