HP UX Red Hat Direry Server Software manual Database Encryption

Chapter 3. Configuring Directory Databases

the physical database itself.

1.In the Directory Server Console, select the Configuration tab.

2.In the left navigation pane, locate the database to delete, and select it.

3.From the Object menu, select Delete.

Alternatively, right-click the database and select Delete from the pop-up menu. The Deleting Database confirmation dialog box is displayed.

4.Click Yes to confirm the deletion.

Once deleted, the database no longer appears in the right pane.

2.2.3. Configuring Transaction Logs for Frequent Database Updates

When the server is going to be asked to perform frequent database updates (LDAP adds, modifies, replication), the database transaction log files should be configured to be on a different disk than the primary database files.

1.Open the configuration directory.

cd /etc/dirsrv/slapd-instance_name

2.Edit the dse.ldif file, and change the nsslapd-db-logdirectorydirective for the new log file path:

nsslapd-db-logdirectory: /home3/exampledb-slapd-01-txnlogs

This directive goes on the same entry that has the dbcache size. Storing these files on a separate physical disk improves performance because the disk heads don't thrash moving between the log files and the data files.

2.3. Database Encryption

The Directory Server offers a number of mechanisms to secure access to sensitive data, such as access control rules to prevent unauthorized users from reading certain entries or attributes within entries and SSL to protect data from eavesdropping and tampering on untrusted networks. However, if a copy of the server's database files should fall into the hands of an unauthorized person, they could potentially extract sensitive information from those files. Because information in a database is stored in plain text, some sensitive information, such as government identification numbers or passwords, may not be protected enough by standard access control measures.

64