Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange
  3. DBMOVER Configuration File
  4. Netport Jobs
  5. PowerExchange Message Logs and Destination Overrides
  6. SMF Statistics Logging and Reporting
  7. PowerExchange Security
  8. Secure Sockets Layer Support
  9. PowerExchange Alternative Network Security
  10. PowerExchange Nonrelational SQL
  11. DTLDESCRIBE Metadata
  12. PowerExchange Globalization
  13. Using the PowerExchange ODBC Drivers
  14. PowerExchange Datatypes and Conversion Matrix
  15. Appendix A: DTL__CAPXTIMESTAMP Time Stamps
  16. Appendix B: PowerExchange Glossary

Example: Level 3 LDAP Security - Secure LDAP Configuration with SASL External Authentication

Example: Level 3 LDAP Security - Secure LDAP Configuration with SASL External Authentication

The following example shows the DBMOVER statements for a secured LDAP configuration using the SASL EXTERNAL mechanism:
SECURITY=(1,N,LDAP) LDAP_HOST=(myldapserver,636) LDAP_BASE=("ou=People,dc=example,dc=com") LDAP_TLS=(PASS=clientauth, KEYNAME=hmiller-cert, CAPATH=/pwx_store)
LDAP_SASL_MECH=EXTERNAL
This example uses the trustore and keystore directory,
pwx_store
, which is specified in the CAPATH parameter of the LDAP_TLS statement.
The LDAP_SASL_MECH=EXTERNAL statement indicates that the LDAP server will derive the search user credentials from the client certificate. To derive these credentials, the LDAP server must have the certificate mapping configured. For example, with Oracle Directory Server, the mapping is configured by the Oracle
certmap.conf
file.

0 COMMENTS

We’d like to hear from you!