Lightweight Directory Access Protocol (LDAP) is an industry standard for accessing directory services. Directory services allow components to look up information by a distinguished name (DN) from an LDAP server that stores and manages server, user, and software information that is used throughout the enterprise or over a network.
The LDAP server can be located on a different platform from the one on which Adaptive Server or the clients are running. LDAP defines the communication protocol and the contents of messages exchanged between clients and servers. Messages are operators, such as client requests for read, write and query, and server responses, including data-format information.
The LDAP server can store and retrieve information about:
Adaptive Server, such as IP address, port number, and network protocol
Security mechanisms and filters
High availability companion server name
Authentication information for user access to Adaptive Server
You can authenticate users logging in to Adaptive Server through information stored in the syslogins directory or through a centralized LDAP server that enables a single login and password throughout the enterprise. See Chapter 10, “Managing Adaptive Server Logins, Database Users, and Client Connections,” for more information.
The LDAP server can be configured with these access restrictions:
Anonymous authentication – all data is visible to any user.
User name and password authentication – Adaptive Server uses the default user name and password from the file:
UNIX, 32-bit – $SYBASE/$SYBASE_OCS/config/libtcl.cfg
UNIX, 64-bit – $SYBASE/$SYBASE_OCS/config/libtcl64.cfg
NT – %SYBASE%\%SYBASE_OCS%\ini\libtcl.cfg
User name and password authentication properties establish and end a session connection to an LDAP server.
The default user name and password stored in libtcl.cfg and passed to the LDAP server for authentication are distinct from those used to access Adaptive Server. The default user name and password allow access to the LDAP server for administrative tasks.
See “Creating and managing Adaptive Server logins using LDAP” for information about using an LDAP server to store user accounts for accessing Adaptive Server.
When an LDAP server is specified in the libtcl.cfg or libtcl64.cfg file (collectively libtcl*.cfg file), the server information is accessible only from the LDAP server. Adaptive Server ignores the interfaces file.
If multiple directory services are supported in a server, then the order in which they are searched is specified in libtcl*.cfg. You cannot specify the search order with the dataserver command-line option.
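Because libtcl*.cfg holds the default LDAP bind credentials and fixes the directory search order, it is worth auditing. The following is an added example, not Sybase code: it lists the search order and flags anonymous binds, cleartext bind passwords, and loose file permissions. The entry layout, the ";" comment marker, the "0x" prefix for encrypted passwords, and all host names are assumptions not shown on this page.

```python
import re
import stat

# Constructed sample. Assumed entry layout (not shown on this page):
#   ldap=<driver> ldap://host:port/ditbase??scope??bindname=<dn>?<password>
SAMPLE = """\
[DIRECTORY]
ldap=libsybdldap.so ldap://ldap1.example.com:389/dc=example,dc=com??one??bindname=cn=Manager,dc=example,dc=com?secret
ldap=libsybdldap.so ldap://ldap2.example.com:389/dc=example,dc=com??one??
; ldap=libsybdldap.so ldap://old.example.com:389/dc=example,dc=com??one??

[SECURITY]
"""

ENTRY = re.compile(r"^ldap\s*=\s*\S+\s+(ldaps?://\S+)", re.IGNORECASE)

def audit_libtcl(text, mode=None):
    """Return (search_order, findings) for the [DIRECTORY] section of libtcl*.cfg text."""
    order, findings, section = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # assumed comment marker
            continue
        if line.startswith("["):
            section = line.strip("[]").upper()
            continue
        m = ENTRY.match(line) if section == "DIRECTORY" else None
        if not m:
            continue
        url = m.group(1)
        host = url.split("://", 1)[1].split("/", 1)[0]
        order.append(host)                        # file order is the search order
        _, sep, bind = url.partition("bindname=")
        if not sep:
            findings.append((host, "anonymous bind: no bindname in entry"))
            continue
        _dn, _, password = bind.partition("?")
        # Assumption: an encrypted password is written as a 0x-prefixed hex string.
        if password and not password.lower().startswith("0x"):
            findings.append((host, "bind password appears to be stored in cleartext"))
    loose = stat.S_IRGRP | stat.S_IWGRP | stat.S_IROTH | stat.S_IWOTH
    if mode is not None and mode & loose:
        findings.append(("file", "libtcl*.cfg is accessible to group or other"))
    return order, findings

if __name__ == "__main__":
    order, findings = audit_libtcl(SAMPLE, mode=0o644)
    print("search order:", order)
    for where, what in findings:
        print(f"{where}: {what}")
```

To audit a real file, pass its contents as text and stat.S_IMODE(os.stat(path).st_mode) as mode.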