...
Apache Directory Server has many different configuration parameters. This page summarize all the possible parameters, and what are the default values for all of them.
The global structure is given here :
- defaultDirectoryService
- defaultChangeLog
- interceptors
- AciAuthorizationInterceptor
- AuthenticationInterceptor
- ChangeLogInterceptor
- CollectiveAttributeInterceptor
- DefaultAuthorizationInterceptor
- EventInterceptor
- ExceptionInterceptor
- KeyDerivationInterceptor
- NormalizationInterceptor
- OperationalAttributeInterceptor
- PasswordPolicyInterceptor
- ReferralInterceptor
- ReplicationInterceptor
- SchemaInterceptor
- SubentryInterceptor
- TriggerInterceptor
- partitions
- systemPartition
- testEntries
Interceptors
We have currently 16 possible interceptors we can use in the server. It's important to understand that some of them are mandatory, and other can be activated or disabled. The interceptors order is also very important : most of them can't be moved up or down, without severely impact the server behaviour.
...
- AciAuthorizationInterceptor
- AuthenticationInterceptor
- ChangeLogInterceptor
- CollectiveAttributeInterceptor
- DefaultAuthorizationInterceptorChangeLogInterceptor
- EventInterceptor
- ExceptionInterceptor
- KeyDerivationInterceptor
- NormalizationInterceptor
- OperationalAttributeInterceptor
- PasswordPolicyInterceptor
- ReferralInterceptor
- SchemaInterceptor
- SubentryInterceptor
- TriggerInterceptor
...
Parameter | Default | Mandatory | Description | ||
|---|---|---|---|---|---|
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="11d6e88fd80a3111-22ff5485-46d44b36-a2f0b494-d2489867c4cd825274bae7e1"><ac:plain-text-body><![CDATA[ | attributeId | NA | yes | The attributeType to index (see below, [1]) | ]]></ac:plain-text-body></ac:structured-macro> |
cacheSize | 100 | no | The number of objects stored into the cache | ||
numDupLimit | 512 | no | WARNING : this is a technical parameter, do not | ]]></ac:plain-text-body></ac:structured-macro> | |
wkDirPath | NA | no | WARNING : this is a technical parameter, do not |
...
Parameter | Default | Mandatory | Description | ||
|---|---|---|---|---|---|
allowableClockSkew | 5 minutes | no | The allowable clock skew. | ||
emptyAddressesAllowed | true | no | Whether tickets issued with empty Host Addresses are allowed. | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ab4bab9c2024a8a9-f4fb21a4-44a44639-a439b3c9-e7a2fb7cf453c3da8a6af327"><ac:plain-text-body><![CDATA[ | encryptionTypes | des-cbc-md5 | no | A list of possible encryption types. See [1] for the possible values | ]]></ac:plain-text-body></ac:structured-macro> |
policyCategoryCount | 3 | no | The policy for number of character categories required (A - Z), (a - z), (0 - 9), | ||
policyPasswordLength | 6 | no | The policy for minimum password length. | ||
policyTokenSize | 3 | no | The policy for minimum token size. Passwords must not contain tokens smaller | ||
primaryRealm | EXAMPLE.COM | no | The primary realm. | ||
servicePrincipal | kadmin/changepw@EXAMPLE.COM | no | The service principal name. |
...
Here is an example of configuration in the server.xml file :
| Code Block |
|---|
<ldapService>
...
<!-- The desired quality-of-protection, used by DIGEST-MD5 and GSSAPI. -->
<saslQop>
<s:value>auth</s:value>
<s:value>auth-int</s:value>
<s:value>auth-conf</s:value>
</saslQop>
...
|
...
Here is an example in the server.xml file :
| Code Block |
|---|
<ldapService>
...
<!-- The realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI. -->
<saslRealms>
<s:value>example.com</s:value>
<s:value>apache.org</s:value>
</saslRealms>
...
|
...
There is no specific parameter for the NtpServer. The AbstractProtocolService parameters have to be used in order to configure this server. Here is an example of configuration :
| Code Block |
|---|
<NtpServer ipPort="60123" nbThreads="8"/>
|
...