o=NetscapeRoot

changetype:modify

replace:nsAdminAccessAddresses nsAdminAccessAddresses:72.5.*.*

Click Enter twice to submit the operation, then Ctrl-Cto close ldapmodify.

The nsAdminAccessAddresses value can use wildcards to allow ranges. For example, to allow all IP addresses:

nsAdminAccessAddresses:*To allow only a subset of addresses on a local network:nsAdminAccessAddresses:192.168.123.*

3.To set host name or domain-based restrictions, edit the nsAdminAccessHosts attribute.

ldapmodify -D "cn=directory manager" -w secret -p 389 -h server.example.com

dn: cn=configuration, cn=admin-serv-example, cn=HPDS Administration Server, cn=Server Group, cn=server.example.com, ou=example.com, o=NetscapeRoot

changetype:modify

replace:nsAdminAccessHosts nsAdminAccessHosts:*.example.com

Click Enter twice to submit the operation, then Control+C to close ldapmodify.

4.Restart the Admin Server to apply the changes.

/opt/dirsrv/sbin/restart-ds-admin

2.7Changing the admin user's name and password

During installation, you are asked to enter a username and password for the Configuration Administrator, the user authorized to access and modify the entire configuration directory. The Configuration Administrator entry is stored in the directory under the following DN:

uid=userID,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot

The Configuration Administrator's username and password are managed through the Directory Server and are represented in an LDAP entry; this is described in the HP-UX Directory Server administrator guide.

During installation, the Configuration Administrator's username and password are used to automatically create the Administration Server Administrator. This user can perform a limited number of administrative tasks, such as starting, stopping, and restarting servers in a local server group. The Administration Server Administrator is created for the purpose of logging into the Console when the Directory Server is not running.

The Administration Server Administrator does not have an LDAP entry; it exists only as an entity in a local configuration file, /etc/opt/dirsrv/admin-serv/admpw.

Even though they are created at the same time during installation, and are identical at that time, the Configuration Administrator and Administration Server Administrator are two separate entities. If you change the username or password for one in the Console, the Console does not automatically make the same changes for the other.

The Administration Server Administrator has full access to all configuration settings in the Admin Server. The information for the admin user is set on the Access tab in the Console.

2.7 Changing the admin user's name and password 17