|
da questo dispositivo ha anche altre istruzioni :
Facilità d'uso
HP OpenVMS Enterprise Directory V5.6
User password hashing is also incorporated,
Protocols
where ‘user’ is any LDAP client application
that has an identity in the directory.
The Directory Service is based on the client-
server model. The DSA server supports the
The OpenVMS Enterprise Directory supports a
directorySystemAC application context (DSP
subset of the Simplified Access Control
protocol) to communicate with other DSAs.
scheme from the 1993 edition of the standard.
Communications between server DSAs and
This allows administrators to define policies
client DUAs are supported by the
that control access rights (such as read,
directoryAccessAC application context (DAP
browse, modify, remove) to entries and
protocol). DAP enables DUAs in other X.500
individual attributes within a particular part of
implementations to access the OpenVMS
the directory (naming context).
Enterprise Directory DSA and vice-versa. DSP
enables full inter-working with DSAs in other
The OpenVMS Enterprise Directory allows for
implementations.
the authentication of users by name and
password. It also allows access to be restricted
The X.500 DSA server supports LDAPv2 and
based on network address and for chained
LDAPv3 protocols.
operations.
For shadowing, the DSA supports
Distributed Operations
shadowSupplierInitiatedAC and
shadowConsumerInitiatedAC application
The DSA supports standard X.500 distributed
contexts in both the synchronous and
operations including chaining and referrals.
asynchronous variants (DISP protocol) and the
Knowledge management of superior and
directoryOperational BindingManagementAC
subordinate references allows an OpenVMS
application context (DOP protocol).
Enterprise Directory DSA to participate as a
first-level DSA or a subordinate DSA in a
The OpenVMS Enterprise Directory V5.6 runs
multi-vendor distributed Directory Information
on the OpenVMS Integrity and Alpha
Base (DIB).
operating systems. It provides integrated,
multi-protocol support allowing concurrent
Replication
DAP and DSP access over OSI (using
transport classes TP0, TP2, TP4) and
The OpenVMS Enterprise Directory supports
RFC1006 over TCP/IP.
shadowing of data between DSAs, allowing
data to be replicated in the network for high
Security – SSL/TLS Support
availability and performance. Shadowing also
allows replication of knowledge information
Secure Socket Layer/Transport Layer Security
for distributed operation, access control
support is provided utilising the SSL shareable
policies and authentication information, thus
library in OpenVMS V7.3-2 and above.
reducing the amount of management required.
The Directory can receive commands over a
Selective Shadowing
secure line using LDAPv3. The following
protocols are non-simultaneously supported:
Selective Shadowing offers the ability to
• SSLv23
specify which attributes can and cannot be
• SSLv3
shadowed to a consumer DSA.
• TLSv1
The shadowing filter is controlled by the
The Directory does not provide a default or
shadowingAttributeSelection attribute in the
private key. These may be obtained from
shadow agreement subentry. Thus there is a
http://www.openssl.org
specific filter for every shadowing agreement.
The Directory can be placed in one of three
Shadowed information is represented using the
management selectable security states – no
DSA Information Model defined in the 1993
security, selectable security and mandatory
edition of the standard. OpenVMS Enterprise
security.
Directory supports the shadowing service
defined in X.525, including supplier initiated
Database
and consumer-initiated agreements, both
scheduled and on change replication providing
The OpenVMS Enterprise Directory provides
full or incremental updates.
a Directory Information Base based on the
1993 - 2007 Hewlett-Packard Development Company, L.P. 3 September, 2007
...