Name syntax for LDAP directory services

The libtcl.cfg and the libtcl64.cfg files (collectively libtcl*.cfg files) determine whether the interfaces file or LDAP directory services should be used. If LDAP is specified in the libtcl*.cfg file, the interfaces file is ignored unless the application specifically overrides the libtcl*.cfg file by passing the -I parameter while connecting to a server.

You use the libtcl*.cfg file to specify the LDAP server name, port number, DIT base, user name, and password to authenticate the connection to an LDAP server. In the libtcl*.cfg file, LDAP directory services are specified with a URL in the DIRECTORY section.

For example:

[DIRECTORY] 
ldap=libsybdldap.so
ldap://huey:11389/dc=sybase,dc=com??
     one????bindname=cn=Manager,dc=sybase,dc=com secret

Table 2-22 defines the keywords for the ldapurl variables.

Table 2-22: ldapurl variables

| Keyword | Description | Default | CS_* property |
|---|---|---|---|
| host (required) | The host name or IP address of the machine running the LDAP server | None | |
| port | The port number on which the LDAP server is listening | 389 | |
| ditbase (required) | The default DIT base | None | CS_DS_DITBASE |
| username | Distinguished name (DN) of the user to authenticate | NULL (anonymous authentication) | CS_DS_PRINCIPAL |
| password | Password of the user to be authenticated | NULL (anonymous authentication) | CS_DS_PASSWORD |

You can find a complete list of Sybase’s LDAP directory schema in:

To create an encrypted connection with the LDAP server using LDAPS, use:

ldap=libsybdldap.so
ldaps://huey:636/dc=sybase,dc=com????
bindname=cn=Manager,dc=Sybase,dc=com?secret

If no port number is specified using ldaps://, port 636 will be used by default.

To create an encrypted connection by using and upgrading the standard LDAP listener, use:

ldap=libsybdldap.so starttls
ldap://huey:389/dc=sybase,dc=com????
bindname=cn=Manager,dc=Sybase,dc=com?secret

If no port number is specified using ldap://, port 389 will be used by default.
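
As an added example (not part of the Sybase documentation or product), the Python below parses a [DIRECTORY] entry into the Table 2-22 keywords, applies the default ports described above, and reports whether a bind password is configured without LDAPS or starttls. The function names, the finding codes, and the assumption that wrapped lines continue a single entry are this example's own.

```python
import re

DEFAULT_PORT = {"ldap": 389, "ldaps": 636}  # defaults stated on the page

def parse_directory(cfg_text):
    """Parse the first LDAP entry in [DIRECTORY] into the ldapurl keywords."""
    lines, in_dir = [], False
    for raw in cfg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_dir = line.upper() == "[DIRECTORY]"
        elif in_dir and line:
            lines.append(line)
    blob = "".join(lines)  # assumption: wrapped lines continue one entry
    m = re.search(r"(ldaps?)://([^:/?]+)(?::(\d+))?/([^?]+)(.*)", blob)
    if not m:
        raise ValueError("need an ldap:// or ldaps:// URL with host and ditbase")
    scheme, host, port, ditbase, rest = m.groups()
    bind = re.search(r"bindname=([^?\s]+)(?:[?\s]+(\S+))?", rest)
    return {
        "scheme": scheme, "host": host, "ditbase": ditbase,
        "port": int(port) if port else DEFAULT_PORT[scheme],
        "starttls": "starttls" in blob[:m.start()].split(),  # option after the driver name
        "username": bind.group(1) if bind else None,  # None = anonymous authentication
        "password": bind.group(2) if bind else None,
    }

def audit(entry):
    """Return finding codes (names are this example's own) for a parsed entry."""
    encrypted = entry["scheme"] == "ldaps" or entry["starttls"]
    findings = []
    if entry["username"] is None:
        findings.append("anonymous-bind")
    if entry["password"] is not None:
        findings.append("password-stored-in-file")  # readable by anyone who can read the file
        if not encrypted:
            findings.append("bind-password-without-tls")
    elif not encrypted:
        findings.append("unencrypted-lookup")
    return findings

# Constructed inputs modelled on the page's entries (host, DNs and password are the page's).
PLAIN = "[DIRECTORY]\nldap=libsybdldap.so\nldap://huey:11389/dc=sybase,dc=com????\nbindname=cn=Manager,dc=sybase,dc=com?secret\n"
STARTTLS = "[DIRECTORY]\nldap=libsybdldap.so starttls\nldap://huey/dc=sybase,dc=com????\nbindname=cn=Manager,dc=Sybase,dc=com?secret\n"

if __name__ == "__main__":
    for cfg in (PLAIN, STARTTLS):
        print(audit(parse_directory(cfg)))
```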


Schema and name syntax for Microsoft Active Directory

The directory schema for use with Microsoft Active Directory is sybase.ldf. You can import sybase.ldf into the Active Directory (AD) or into an Active Directory Application Mode (ADAM) instance using the ldifde.exe command provided in the ADAM installation. To import the directory schema, execute the ldifde.exe command from the ADAM installation using this syntax:

ldifde -i -u -f sybase.ldf -s server:port -b username
domain password -j . -c "cn=Configuration,dc=X"
#configurationNamingContext

After the schema has been successfully imported into the Active Directory, you can create a container for the Sybase server entries and set appropriate read and write permissions for the container and its child objects.

For example, a container with a relative distinguished name (RDN) “CN=SybaseServers” is created in the root of the Active Directory for domain “mycompany.com” to store and retrieve Sybase server entries. The root distinguished name (rootDN) for this container is reflected in the libtcl.cfg file as:

ldap=libsybdldap.dll ldap://localhost:389/
cn=SybaseServers,dc=mycompany,dc=com??...

If you create a dedicated user account named “Manager” with password “secret” in the Active Directory to add and modify Sybase server entries, the complete entry in the libtcl.cfg file is:

After setting the appropriate read and write permissions, you will be able to use the Sybase utility programs such as dscp or dsedit to store, view, and modify Sybase server entries in the Active Directory.