Use this form to configure FirstClass Directory Services (FCDS).General tab
Use this tab to specify the root for the Directory Services tree view, the FirstClass subadministrator user ID and password, and the information to use when creating aliases.The DN that you want FCDS to use as the root (highest level) of the FirstClass Directory's tree view.
Directory root DN
Example:The FirstClass Provisioning Protocol port number on the FirstClass server.
This is normally the same as the external LDAP server's root DN. If you only want to replicate a subtree of the external LDAP server's directory, type the DN that represents the root of that subtree.
User IDYour FirstClass subadministrator user ID.
PasswordYour FirstClass subadministrator password.
SMTP user aliases
By default, FCDS creates an SMTP user alias for any user who doesn't already have an alias. This alias takes the form you specify here.
FCDS won't create SMTP user aliases for remote names.
Generate SMTP user aliasesGenerates aliases if they don't already exist.
Generate name from"First and last name" generates the name portion of the alias from the user's first name, then the user's last name.
Resulting alias: first separator last@domainor
"Last and first name" generates the name portion of the alias from the user's last name, then the user's first name.
Resulting alias: last separator first@domain
"User ID" generates the name portion of the alias from the user's user ID.
Resulting alias: user_id@domain
"Separator character" specifies the character to use between name elements (first, last, and initials).
"Use initials" adds the user's initials to the end of the name portion of the alias. The initials aren't edited, so will include any periods that were entered.
Resulting alias: first separator last separator initials@domain
last separator first separator initials@domain
DomainThe domain name to use for the creation of user aliases. This domain name is used if the highest organizational unit for that user doesn't have a domain name.
Use this tab to specify the LDAP port number of the machine on which Directory Services is running, the operation mode, whether to actually delete entries in slave mode, and what to show in the Directory Services tree view. You can also specify an LDIF file to be imported to the FirstClass Directory.The LDAP port number on the machine running Directory Services.
ModeThe operating mode for FCDS.
Enable deleteTruly deletes from the FirstClass Directory any "deleted" entries. By default, FCDS unlists these entries and moves them to the DS Deleted group instead.
ShowSelect the information you want FCDS to display in the FirstClass Directory tree view.
LDIF fileThe full path and name of the LDIF file that you will be importing to the FirstClass Directory.
Use this tab to allow certain types of logins to Directory Services, and to specify any authentication filter to be used when authentication is done by the external LDAP server.
Directory Services authentication and security
Allow anonymous loginAllows anonymous logins to Directory Services by external connections.
Use secure connections (SSL)Allows external SSL connections to Directory Services. If you select this field, supply your SSL port number and certificate file name.
SSL portThe SSL port number on the machine running Directory Services.
Certificate file nameThe name of the certificate file that you want Directory Services to use for secure connections.
External LDAP server authentication
Authentication filterThe LDAP search filter to use when Directory Services connects to the external LDAP server for login authentications.
The filter must be an RFC 2254-compliant text filter. A example filter is(!(studentStatus=suspended))
which means the student status is not suspended.
If the search result is true (in the example above, the user trying to log in is not suspended), the user is authenticated.
FirstClass login authentication
Authentication methodWhat will authenticate logins to the FirstClass server. If you choose FirstClass Secure, the FirstClass server will authenticate logins. If you choose Remote Only, the external LDAP server will authenticate logins. If you choose Remote with FirstClass, either the external LDAP server or the FirstClass server will authenticate logins, with the external LDAP server being tried first.
With either remote authentication choice, the FirstClass server will negotiate with the client to get the encrypted login credentials.LDAP Server tab
Use this tab to identify the external LDAP server.The IP address or domain name of the external LDAP server.
LDAP portThe LDAP port number on the external LDAP server.
Login DNThe login DN on the external LDAP server.
Login passwordThe login password on the external LDAP server.
TypeThe type of external LDAP server. For OpenLDAP, choose Generic. For other server types not documented here, try Generic. Certain other server types may work with this setting.