Chapter 11 describes how to administer Internet
Default Configuration for the LDAP Module for System Authentication
Internet Express configures the security matrix in the/etc/sia/matrix.conf file to use the LDAP Module for System Authentication. The security matrix consists of a list of
See the siacfg(8) and matrix.conf(4) reference pages for more information about configuring security methods.
Example 1 Security Matrix Enabled for LDAP
.
.
.
siad_getgrgid=(BSD,libc.so) (LDAP,/usr/shlib/libsialdap.so) siad_setpwent=(BSD,libc.so) (LDAP,/usr/shlib/libsialdap.so)
.
.
.
When you install the LDAP Module for System Authentication, the installation procedure checks the validity of the configuration information you supplied, and tries to connect to the LDAP server you specified during the installation, then enables the LDAP Module for System Authentication. If the connection fails, or if the required schema attributes are not found, the LDAP Module for System Authentication is not enabled and you must use the LDAP Module for System Authentication Administration menu to enable it (after correcting the problems) or use the /usr/internet/ ldap_tools/ldap_enable utility. Check the attribute values in the Distinguished Name, Password, System Name, Port Number, and the Search Base fields (see Section ).
The LDAP Module for System Authentication gets its information from the LDAP server by way of the ldapcd caching daemon (see Figure 20). This daemon runs at all times and is started by the following entry in the /etc/inittab file:
ldapcd:34:respawn:/usr/sbin/ldapcd
