Configuring the Authentication Service for LDAP

Article:HOWTO15077  |  Created: 2009-01-05  |  Updated: 2013-11-07  |  Article URL http://www.symantec.com/docs/HOWTO15077
Article Type: How To


The Symantec Product Authentication Service supports Lightweight Directory Access Protocol (LDAP) authentication through a plugin module, authldap, that ships with the Authentication Broker. authldap is a shared library based on RFC 2307. It can be configured to communicate with one LDAP directory server per security domain.

We recommend the following for deploying the Authentication Service with LDAP:

  • Use the schema specified in RFC 2307 when storing NIS data in LDAP directories

  • Configure the service to communicate with a single LDAP directory server per domain at any given time

  • Deploy with Secure Sockets Layer (SSL) enabled, because otherwise the user name and password are unprotected during transmission
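
A pre-deployment check for the first recommendation, added here as an example (it is not Symantec code and not part of the Authentication Service): it parses an LDIF export of the directory and reports posixAccount and posixGroup entries that lack the attributes RFC 2307 defines as mandatory. The function names and the sample LDIF are constructed for illustration.

```python
# Added example: flag LDIF entries lacking RFC 2307 MUST attributes. Sample data is constructed.
import base64

REQUIRED = {  # MUST attributes per RFC 2307, lower-cased for comparison
    "posixaccount": {"cn", "uid", "uidnumber", "gidnumber", "homedirectory"},
    "posixgroup": {"cn", "gidnumber"},
}

def parse_ldif(text):
    """Yield (dn, {attr: [values]}); handles folded lines and base64 values."""
    text = text.replace("\r\n", "\n").replace("\n ", "")   # unfold continuations
    for block in text.split("\n\n"):          # entries are separated by blank lines
        entry = {}
        for line in block.splitlines():
            name, sep, value = line.partition(":")
            if line.startswith("#") or not sep:
                continue                      # skip comments and malformed lines
            if value.startswith(":"):         # "attr:: <base64>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(name.strip().lower(), []).append(value.strip())
        if "dn" in entry:
            yield entry["dn"][0], entry

def rfc2307_gaps(text):
    """Return {dn: sorted list of missing MUST attributes} for posix entries."""
    gaps = {}
    for dn, attrs in parse_ldif(text):
        missing = set()
        for oc in attrs.get("objectclass", []):
            missing |= REQUIRED.get(oc.lower(), set()) - set(attrs)
        if missing:
            gaps[dn] = sorted(missing)
    return gaps

SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: posixAccount
cn: Alice Example
uid: alice
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/alice

dn: uid=bob,ou=People,dc=example,dc=com
objectClass: posixAccount
cn:: Qm9iIEV4YW1wbGU=
uid: bob
uidNumber: 1002
"""
```

Calling `rfc2307_gaps()` on an export of the user and group subtrees before editing VRTSatLocal.conf shows which entries need repair; an empty result means every posix entry carries its mandatory attributes.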

To configure the Authentication Service for use with LDAP

  1. Shut down the Symantec Product Authentication Service server.

  2. Locate the VRTSatLocal.conf file.

    This file resides in the following location:

    Solaris—/var/VRTSat/.VRTSat/profile

    Windows—\Program Files\Veritas\Security\Authentication\systemprofile

  3. Edit the VRTSatLocal.conf file by doing the following:

  4. Restart the Authentication Service server. (You do not need to reboot the Authentication Service host.)



Legacy ID: 319104

