Complete Contents
Preface
Chapter 1 Introduction
Chapter 2 Setting up the Gateway
Chapter 3 Gateway Localization
Chapter 4 Files Controlling Gateway Functionality
Chapter 5 Entry Types and Object Class Attributes
Chapter 6 Search Attributes, Filters, and Results
Chapter 7 Customizing Graphics and Color
Appendix A .conf Parameters
Appendix B Directives Reference
Appendix C CGI Usage
Previous Next Contents Index Bookshelf


Appendix A .conf Parameters

The dsgw.conf and pb.conf files are installed during Directory server installation.

Associated directives are described in Appendix B, "Gateway Directives Reference."

authlifetime

Description Specifies the amount of time in seconds before a user's authentication expires in the Gateway. When authenticating to the Directory from the Gateway, the Gateway retains authentication credentials for the amount of time specified in this parameter. Once authentication credentials have expired, the Gateway prompts the user to re-authenticate.

For information on authenticating to the directory server using the Gateway, see the on-line documentation that is available through the Gateway.

Format authlifetime <seconds>

Example The following example causes user authentication to expire in two hours. This is the default expiration time:

authlifetime 7200

baseurl

Description Specifies the hostname and port number used to contact the directory server. This parameter also determines the search base used for searches performed from the Gateway, and whether the Gateway uses SSL to communicate with the directory server.

Format baseurl [ldap | ldaps]://<host>:<port>/<search base>

ldap | ldaps . Use ldap to have the Gateway communicate the Directory server without using SSL. Use ldaps to have the Gateway communicate with the Directory server using SSL.

<host>. Indicates the hostname of the device where the directory server is installed.

<port>. Indicates the port number used by the directory server. Always specify a port number even when using standard ldap or ldaps port numbers (389 and 636, respectively).

<search base> . Indicates the distinguished name representing the point in the directory from which all searches are performed. Normally, searchbase is set to the directory's suffix.

Netscape recommends substituting the following hexadecimal values for the equal sign, space, and comma in the search base:

Example The following example sets the base URL to use SSL communications to a server running on the well-known LDAP security port (636). The base search address is set to o=airius.com:

baseurl "ldaps://dirserver.airius.com:636/o%3Dairius.com"

binddnfile

Description Specifies the location of the file where the bind DN and bind password are stored. This file should be stored separately of the .conf file for the gateway instance. The binddnfile is used to authenticate to the server for non-anonymous searching.

Format binddnfile <binddnfilename>

Example binddnfile /export/TEST/binddnfile

changeHTML

Description Used by the Gateway to substitute ideographic space for non-breaking space (nbsp) in Asian character sets.

Format changeHTML <nbsp_from> <nbsp_to> <charset>

Example changeHTML <space character> <space charac ter> Shift_JIS

charset

Description Defines the default character set for communication with HTTP clients. The default is UTF-8 (Unicode), which supports all the characters in the Netscape Directory. UTF-8 is the preferred character set, however many browsers don't support the UTF-8 charset, or display it poorly.

Some users may require a different character set than the one specified using this parameter. For these users, the charset parameter setting may be overridden by creating a <LANG>/dsgw/charset.conf file which contains the charset name. However, to receive the correct language, users will have to configure their browsers to send the appropriate accept-language headers.

For compatibility with HTTP clients that can't handle an HTTP response with a charset parameter in the content-type, comment out this parameter in the .conf file. this prevents the gateway from sending an explicit charset to gateway clients. When no charset parameter is defined, the gateway by default transmits ISO-8859-1 (Latin-1).

The charset parameter is ignored by Netscape Communicator 4.0 and Internet Explorer 4.0 and greater clients, which request the UTF-8 charset by default. Forcing these clients to use a non-UTF-8 charset (such as Latin-1) requires the ignoreAcceptCharsetFrom parameter, introduced in release 4.0 of the gateway.

More information: "ignoreAccetpCharsetFrom" on page 85

Format charset <charset>

Example charset UTF-8

For more information about charsets, see RFC 1345, which defines the syntax of charset names.

For more information about how the 3.x and 4.0 releases of the Gateway choose character sets for HTTP clients, see "Unicode and Netscape Support for UTF-8" on page 33.

configdir

Description Specifies the location of the configuration directory of the Gateway. These include the object class templates, search configuration files, search result templates, and script files used to dynamically generate HTML forms for the user.

The configuration directory for the default Gateway (dsgw.conf) is ../config. The configuration directory for Directory Express (pb.conf) is ../pbconfig.

Format configdir "<configuration directory>"

Example configdir "../airiusconfig"

dirmgr

Description Specifies the distinguished name of the directory manager. This is the DN used to bind to the directory server when users authenticate as the directory manager from the Gateway. Netscape recommends using a DN other than the root DN for this purpose. It is intended that the DN specified here has read and write authority for the subtree that the gateway sees.

For information on authenticating as the directory manager from the Gateway, see the on-line documentation that is available through the Gateway. Format

Example dirmgr "<distinguished name>"

dirmgr "cn=Directory Manager, o=airius.com"

For information on the root DN and on setting permissions for the directory, see the Netscape Directory Server Administrator's Guide.

gwnametrans

Description Used by Gateway CGIs to specify the URL to output for HTTP redirection. This needs to be specified as "/dsgw/<htmldir>" and should be the same as the NameTrans set in the HTTP server, if any is being used.

Format gwenametrans "<HTTP redirect>"

Example gwnametrans "/dsgw/pbhtml/"

htmldir

Description Specifies the location of the HTML files for the gateway. These include the HTML files controlling the appearance of Gateway forms.

The HTML directory for the default Gateway (dsgw.conf) is ../html. The HTML directory for Directory Express (pb.conf) is ../pbhtml.

Format htmldir "<html directory>"

Example htmldir "/airiusconfig"

ignoreAccetpCharsetFrom

Description Ignores request headers for the UTF-8 character set automatically sent by Netscape Communicator 4.x and Internet Explorer 4.x browsers. Can be used together with the charset parameter to transmit a charset other than Unicode to all Gateway clients.

Format ignoreAcceptCharsetFrom <HTTP client version string>

Example ignoreAcceptCharsetFrom Mozilla/4.01x-NSCP Mozilla/3

More information: "charset" on page 83.

include

Description Specifies the location of another config file that should be read by the Gateway.

Format include "<config file>"

Example include "../config/dsgw-l10n.conf"

location

Description Defines the location choices selectable from the Gateway when adding new entries. Each location parameter represents a branch point in the directory tree below which new entries can be added.

Format location <handle> "<friendly name>" "<dn>"

<handle>. An arbitrary string used by the location-suffix parameter to map a type of entry to the locations where the entry can be created. For more information, see "location-suffix" on page 87.

<friendly name> . An arbitrary string that represents the location. This string should describe the location because the Gateway displays this string to users to represent the location.

<dn>. The distinguished name representing this branch point in the directory. If this value is not terminated with a pound sign, the value specified on the include parameter is appended to this value to build the fully qualified distinguished name. If dn is terminated with a pound sign (#), the value represented here is assumed to be a fully qualified distinguished name, and the pound sign is stripped from the distinguished name before the DN is used by the Gateway.

For more infomraiton, see "include" on page 86.

Example The following example defines an entry creation location in a user directory. This location corresponds to the Marketing organizational unit, and the remainder of the distinguished name is built from the value set in the include parameter:

location marketing "Marketing Organization" "ou=Marketing"

A slightly different example defines the same location, but specifies the fully qualified distinguished name:

location marketing "Marketing Organization" "ou=Marketing, o=airius.com#"

For a more complete example of the location parameter, see "Mapping Locations and Entry Types" on page 50.

location-suffix

Description Identifies the directory suffix used to create new entries in the directory. .

This value is appended to the DN field of the NLS parameter when the Gateway is used to create new entries in the directory.

Format location-suffix "<suffix>"

Example location-suffix "o=airius.com"

newtype

Description Defines the types of entries that can be added to the directory using the Gateway. newtype also defines the locations in the directory where an entry type can be added. In order for a user to create the entry, the corresponding location must be defined using the location parameter.

Format newtype <template_name> "<friendly_name>" <rdnattr> <locations>

<template_name> . The name of a display-<template_name>.html file that defines the object class listed. Template files are stored in the ../config directory. The Gateway uses these files to define how various types of entries are displayed when entries are being created or viewed:

<friendly_name>. An arbitrary string that describes the entry. This string should be reasonably descriptive of the entry type because the Gateway displays this string to users who are adding entries.

<rdnattr>. The attribute used to name entries of this type. For example, the default value for the rdnattr field for people entries is uid. This means that any people entries created using the Gateway will have DNs of the following format:

uid=<string>

The rdnattr field can be modified so that entries are named using a different attribute. For example, to change the rdnattr of the newtype orgperson line from uid to cn, people entries created using the Gateway will have cn-based DNs rather than the UID-based DNs (the default setting).

<locations>. A space-separated list of the locations where this type of entry can be added. The locations in this list must be identical to the <handle> specified on the corresponding location parameter.

Example The following example allows persons to be added to the Marketing subtree using the template for organizationalPerson:

newtype orgperson "Person" cn marketing

For a more complete example of the newtype parameter, see "Mapping Locations and Entry Types" on page 50.

NLS

Description Identifies the libNLS data directory, which should contain a directory named "locales", containing the configuration files LANG.ctx, LANG.col, and LANG.txt for each supported language (locale).

Format NLS <libNLS data directory>

Example NLS ../../lib/nls

securitypath

Description Identifies the location of the certificate database used by the Gateway when using SSL to communicate with the Directory server. The certificate database contains the Certificate Authority issuing the certificate for the directory server. [rob--helpful to say that on install for DE and dsgw, this points to the certificate database for the admin server?]

Format securitypath <NSHOME>/alias/<cert.db>

Example securitypath "/export/TEST/alias/pb-cert.db"

template

Description Maps specific object classes to internal Gateway templates. These templates define how a specific object class such as a person, a group, or an organizational unit is displayed in the Gateway. The templatename identified has a corresponding HTML template stored in dsgw/conf/.

Format template <templatename> <objectclass>

Example The following example identifies orgperson as the template defining attributes for person and inetorgperson object classes:

template orgperson person inetorgperson

vcard-property

Description The directory server Gateway allows users to view vCards for person and NT person directory entries. The vCard and LDAP specifications define different labels to access information: vCards use properties and LDAP uses attributes. Therefore, there must be a way to map the vCard property names to the LDAP attribute names so that the directory server can locate the information for the vCard display. The vcard-property parameter accomplishes this vCard property to LDAP attribute mapping.

Format vcard-property <vcardprop> <syntax> <ldapattr> [<ldapattr2>...]

<vcardprop>. The name of a vCard property. vCard properties that are currently mapped to LDAP attributes are:

<syntax>. A string that describes the nature of the vCard information. The following syntaxes are supported:

<ldapattr> [<ldapattr2>...]. The attribute(s) to be mapped to the vCard property. This is useful when mapping a vCard property to a custom attribute.

Example The following example changes the mapping of the NOTE property from the default description attribute to a custom attribute named hobbies:

vcard-property NOTE mls hobbies

 

© Copyright 1998 Netscape Communications Corporation