ad
The [ad] section contains Active Directory tokens with the parameters that you entered during installation.
capamsc141
The [ad] section contains Active Directory tokens with the parameters that you entered during installation
.
- ad_domainDefines the name of the Active Directory domain.Do not manually edit the value of this configuration setting. Use the uxconsole -register utility to set the value of this configuration setting.
- ad_gc_portSpecifies the port that the Active Directory Global Catalog service uses.Default: 3268
- ad_siteDefines the name of the Active Directory site that contains the DCs that the UNIX host uses to communicate with Active Directory.Any values in the lookup_dc_list override the value of this configuration setting. The UNIX host does not communicate with any DC listed in the ignore_dc_list configuration setting.Do not manually edit the value of this configuration setting. Use the uxconsole -register utility to set the value of this configuration setting.Default: none
- base_dnDefines the base_dn of the Active Directory server.PAM Server Controlautomatically sets the value of this configuration setting.
- cache_cleanup_intervalSpecifies the cleanup interval, in hours to clean up the local users and group cache for users that are removed from partner domains with one-way trust with the registered domain. This parameter is ignored if the registration domain has no partners with one-way trust.Value: Any positive integer.Default: 24Example: cache_cleanup_interval = 24
- cache_cleanup_startup_timeSpecifies the start time to clean up the local users and group cache for users that are removed from partner domains with one-way trust with the registered domain. This parameter is ignored if the registration domain has no partners with one-way trust.Value: Any integer from 0 through 23.Default: 3 (cleanup starts at 3am)Example: cache_cleanup_startup_time = 3
- computer_containerDefines the location of the UNIX host in Active Directory.Default: cn=Computers
- domain_query_orderSpecifies the order in which UNAB queries Active Directory domains for users and groups.Options: none-no order specified; comma separated list of Active Directory domainsDefault: none
- group_containerSpecifies the base entry to search for UNIX users in Active Directory.Limits: container name (cn=groups), ROOT for the complete Active Directory query.Default: ROOT
- group_custom_filterSpecifies a custom search filter to apply during groups search in Active Directory.Example: gidNumber=*Default: none
- ignore_dc_listSpecifies the Active Directory domain controllers that are ignored for LDAP connection.Options: none, comma separated list of fully qualified host namesDefault: none
- ignore_domain_listSpecifies the Active Directory domains that UNAB ignores when it queries users and groups.Options: none - query current and all trusted domains; all - do not query trusted domains; a comma separated list of domains to ignore.Default: none
- ignore_group_containerSpecifies the Active Directory group containers to ignore. Containers are defined by their Distinguished Names, comma separated.Limits: none, comma separated list of distinguished namesDefault: none
- ignore_user_containerSpecifies the Active Directory user containers to ignore. Containers are defined by their Distinguished Names, comma separated.Limits: none, comma separated list of distinguished namesDefault: none
- ldap_portDefines the port the Active Directory LDAP service uses.Default: 389
- lookup_dc_listSpecifies the Active Directory domain controllers that are used for LDAP connection. If you specify a list of domain controllers, UNAB uses the specified domain controllers only. If you do not specify the DCs to use, UNAB discovers the Active Directory site that is closest to the physical location of the endpoint and communicates with DCs in the discovered site.Options: none, comma separated list of fully qualified host names.Default: none
- lookup_domain_listSpecifies the Active Directory domains that established a bi-directional trust with the domain that you registered UNAB.Options: none,UNAB automatically discovers the trusted domains, comma separated list of trusted domainsDefault: none
- user_containerSpecifies the base entry to search for UNIX users in Active Directory.Limits: container name, ROOT for complete Active Directory query.Default:ROOT
- user_custom_filterSpecifies a custom search filter to apply during users search in Active Directory.Default: none