client/raw-help/LDAPAuthentication.rawhlp

	LDAPAuthentication.rawhlp revision 7c478bd95313f5f23a4c958a745db2134aa03244
<TITLE> LDAP Authentication</TITLE>
<!--
    CDDL HEADER START

    The contents of this file are subject to the terms of the
    Common Development and Distribution License, Version 1.0 only
    (the "License").  You may not use this file except in compliance
    with the License.

    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
    or http://www.opensolaris.org/os/licensing.
    See the License for the specific language governing permissions
    and limitations under the License.

    When distributing Covered Code, include this CDDL HEADER in each
    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
    If applicable, add the following below this CDDL HEADER, with the
    fields enclosed by brackets "[]" replaced with your own identifying
    information: Portions Copyright [yyyy] [name of copyright owner]

    CDDL HEADER END

-- Copyright 2001 Sun Microsystems, Inc.  All rights reserved.
-- Use is subject to license terms.
--
-- ident    "%Z%%M% %I% %E% SMI"
-->
<!-- Tag=LDAPAuthentication -->

<CONTENT>

<p>

If you are using the LDAP naming service, you will need the distinguished
name and password for a user who has update privileges to make any changes.
Before making changes to the LDAP directory the user should be fully aware of
the items in the <b>notes</b> below.
The LDAP Authentication dialog is displayed when you select LDAP as the
naming service.

<p>

1. Check the LDAP server name for correctness. You may select a
different server name if appropriate.

<p>

2. Check the Distinguished Name (DN) for correctness. You may enter a
different distinguished name of another user if appropriate. This may be the DN
of any directory user who has permissions (directory update privileges) to
update printer entries in the LDAP directory for the current ldapclient (1M)
naming service (NS) domain.

<p>

3. Enter the password for the user's Distinguished Name.

<p>

4. Click OK.

<p>

The entries you have made will be validated against the LDAP directory and then
saved, the LDAP Authentication dialog will be dismissed.

<p>

Click Cancel if you don't know the password for the Distinguished Name.

<p>

<b>Note:</b> Keep the following in mind if you are using Solaris Print
Manager to update printer information in the LDAP naming service:

<p>

If the LDAP server is the Netscape Directory Server (NSDS) then
the default distinguished name is "cn=Directory Manager".
If the LDAP server is Sun Directory Server then an example
of the distinguished name is "cn=admin, dc=XYZ, dc=COM".

The Solaris Print Manager uses ldapclient(1M) to determine
the default LDAP server name. If there is more than one
server specified then the first one will be used.

<p>

The Print Manager always displays printer entries from the current
ldapclient (1M) server. If this is not the domain Master LDAP server then
the list of printers displayed may <b>not</b> be the current list of printers,
this is because the ldapclient replica server may not have been updated by the
master server and so be out of sync with the master. Replica servers can have
various update replication agreements, for example; updated immediately there
is a change on the master, or updated once a day from the master.

<p>

If the selected LDAP server is a replica LDAP server, any <b>updates</b> will be
referred to the master server and done there. This again means the printer list
could be out of sync with the master. For example, a deleted printer may still
appear in the displayed printer list until the replica is updated from
the master.

<p>

Users can use the ldap command line utilities (ldapadd (1) & ldapmodify (1))
to update printer entries in the directory, but this is not recommended. If
these utilities are used then the user <b>must ensure</b> that the printer-name
attribute value is unique within the ou=printers container. If it is not unique
the result of modifies done by the print manager (or lpset (1M)) may not be
predictable.

<p>

</CONTENT>

<p>

<KEYWORDS>

LDAP ldap "LDAP server" authentication login password naming "naming
service" files "replica server" replica replication referral ldapclient
"distinguished name" DN

</KEYWORDS>

<p>

<SEEALSO>
NameService
Overview
MainWindow
HelpOnHelp
</SEEALSO>