HP UX Identity Security Software 2.1.2 How the server configuration is organized

Table 2-1 Directory Server LDIF configuration files (continued)

Configuration file name	Purpose
50ns-mail.ldif	Schema used by Netscape Messaging Server to define mail users and mail groups.

50ns-value.ldif	Schema for servers' value item attributes.

50ns-web.ldif	Schema for Netscape Web Server.

60pam-plugin.ldif	Reserved for future use.

99user.ldif	User-defined schema maintained by Directory Server replication consumers which
	contains the attributes and object classes from the suppliers.

2.1.2 How the server configuration is organized

The dse.ldif file contains all configuration information including directory-specific entries created by the directory at server startup, such as entries related to the database. The file includes the root Directory Server entry (or DSE, named by "") and the contents of cn=config and cn=monitor.

When the server generates the dse.ldif file, it lists the entries in hierarchical order in the order that the entries appear in the directory under cn=config, which is usually the same order in which an LDAP search of subtree scope for base cn=config returns the entries.

dse.ldif also contains the cn=monitor entry, which is mostly read-only, but can have ACIs set on it.

NOTE:

The dse.ldif file does not contain every attribute in cn=config. If the attribute has not been set by the administrator and has a default value, the server will not write it to dse.ldif. To see every attribute in cn=config, use the ldapsearch command.

2.1.2.1 Configuration attributes

Within a configuration entry, each attribute is represented as an attribute name. The value of the attribute corresponds to the attribute's configuration.

The following code sample is an example of part of the dse.ldif file for a Directory Server. The example shows, among other things, that schema checking has been enabled; this is represented by the attribute nsslapd-schemacheck, which takes the value on.

dn: cn=config

objectclass: top

objectclass: extensibleObject

objectclass: nsslapdConfig

nsslapd-accesslog-logging-enabled: on

nsslapd-enquote-sup-oc: off

nsslapd-localhost: phonebook.example.com

nsslapd-schemacheck: on

nsslapd-port: 389

nsslapd-localuser: www

...

2.1.2.2 Configuration of plug-in functionality

The configuration for each part of Directory Server plug-in functionality has its own separate entry and set of attributes under the subtree cn=plugins,cn=config. The following code sample is an example of the configuration entry for an example plug-in, the Telephone Syntax plug-in.

dn: cn=Telephone Syntax,cn=plugins,cn=config

objectclass: top

2.1 Overview of the Directory Server configuration