Form tabs
Use this form to configure FirstClass Directory Services (FCDS).
General tab
Use this tab to specify the root for the Directory Services tree view, the FirstClass subadministrator user ID and password, and the information to use when creating aliases.
Directory root DN
The DN that you want FCDS to use as the root (highest level) of the FirstClass Directory's tree view.
Example:
ou=Administration,o=Husky Planes,c=CA
This is normally the same as the external LDAP server's root DN. If you only want to replicate a subtree of the external LDAP server's directory, type the DN that represents the root of that subtree.
FPP port
The FirstClass Provisioning Protocol port number on the FirstClass server.
FirstClass subadministrator
User ID
Your FirstClass subadministrator user ID.
Password
Your FirstClass subadministrator password.
SMTP user aliases
By default, FCDS creates an SMTP user alias for any user who doesn't already have an alias. This alias takes the form you specify here.
 ExceptionFCDS won't create SMTP user aliases for remote names.
Generate SMTP user aliases
Generates aliases if they don't already exist.
Generate name from
"First and last name" generates the name portion of the alias from the user's first name, then the user's last name.
Resulting alias: first separator last@domain
"Last and first name" generates the name portion of the alias from the user's last name, then the user's first name.
Resulting alias: last separator first@domain
"User ID" generates the name portion of the alias from the user's user ID.
Resulting alias: user_id@domain
"Separator character" specifies the character to use between name elements (first, last, and initials).
"Use initials" adds the user's initials to the end of the name portion of the alias. The initials aren't edited, so will include any periods that were entered.
Resulting alias: first separator last separator initials@domain
or
last separator first separator initials@domain
Domain
The domain name to use for the creation of user aliases. This domain name is used if the highest organizational unit for that user doesn't have a domain name.
Replication tab
Use this tab to specify the LDAP port number of the machine on which Directory Services is running, the operation mode, whether to actually delete entries in slave mode, and what to show in the Directory Services tree view. You can also specify an LDIF file to be imported to the FirstClass Directory.
LDAP port
The LDAP port number on the machine running Directory Services.
Mode
The operating mode for FCDS.
Enable delete
Truly deletes from the FirstClass Directory any "deleted" entries. By default, FCDS unlists these entries and moves them to the DS Deleted group instead.
Show
Select the information you want FCDS to display in the FirstClass Directory tree view.
LDIF file
The full path and name of the LDIF file that you will be importing to the FirstClass Directory.
Authentication tab
Use this tab to allow certain types of logins to Directory Services, and to specify any authentication filter to be used when authentication is done by the external LDAP server.
Directory Services authentication and security
Allow anonymous login
Allows anonymous logins to Directory Services by external connections.
Use secure connections (SSL)
Allows external SSL connections to Directory Services. If you select this field, supply your SSL port number and certificate file name.
SSL port
The SSL port number on the machine running Directory Services.
Certificate file name
The name of the certificate file that you want Directory Services to use for secure connections.
External LDAP server authentication
Authentication filter
The LDAP search filter to use when Directory Services connects to the external LDAP server for login authentications.
The filter must be an RFC 2254-compliant text filter. A example filter is
(!(studentStatus=suspended))
which means the student status is not suspended.
If the search result is true (in the example above, the user trying to log in is not suspended), the user is authenticated.
FirstClass login authentication
Authentication method
What will authenticate logins to the FirstClass server. If you choose FirstClass Secure, the FirstClass server will authenticate logins. If you choose Remote Only, the external LDAP server will authenticate logins. If you choose Remote with FirstClass, either the external LDAP server or the FirstClass server will authenticate logins, with the external LDAP server being tried first.
With either remote authentication choice, the FirstClass server will negotiate with the client to get the encrypted login credentials.
LDAP Server tab
Use this tab to identify the external LDAP server.
Server address
The IP address or domain name of the external LDAP server.
LDAP port
The LDAP port number on the external LDAP server.
Login DN
The login DN on the external LDAP server.
Login password
The login password on the external LDAP server.
Type
The type of external LDAP server. For OpenLDAP, choose Generic. For other server types not documented here, try Generic. Certain other server types may work with this setting.
|