<?xml version="1.0" encoding="utf-8"?>
|
<!--
|
! CDDL HEADER START
|
!
|
! The contents of this file are subject to the terms of the
|
! Common Development and Distribution License, Version 1.0 only
|
! (the "License"). You may not use this file except in compliance
|
! with the License.
|
!
|
! You can obtain a copy of the license at
|
! trunk/opends/resource/legal-notices/OpenDS.LICENSE
|
! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
|
! See the License for the specific language governing permissions
|
! and limitations under the License.
|
!
|
! When distributing Covered Code, include this CDDL HEADER in each
|
! file and include the License file at
|
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
|
! add the following below this CDDL HEADER, with the fields enclosed
|
! by brackets "[]" replaced with your own identifying information:
|
! Portions Copyright [yyyy] [name of copyright owner]
|
!
|
! CDDL HEADER END
|
!
|
!
|
! Copyright 2007-2008 Sun Microsystems, Inc.
|
! -->
|
<adm:managed-object name="network-group-criteria" plural-name="network-group-criteria"
|
package="org.opends.server.admin.std"
|
xmlns:adm="http://www.opends.org/admin"
|
xmlns:ldap="http://www.opends.org/admin-ldap">
|
|
<adm:synopsis>
|
The <adm:user-friendly-name /> is used to classify incoming connections.
|
</adm:synopsis>
|
|
<adm:tag name="core-server" />
|
|
<adm:profile name="ldap">
|
<ldap:object-class>
|
<ldap:name>ds-cfg-network-group-criteria</ldap:name>
|
<ldap:superior>top</ldap:superior>
|
</ldap:object-class>
|
</adm:profile>
|
|
<adm:property name="allowed-auth-method" multi-valued="true">
|
<adm:synopsis>
|
Specifies the allowed authorization methods for a client connection to
|
match the <adm:user-friendly-name />.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:undefined />
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:enumeration>
|
<adm:value name="anonymous">
|
<adm:synopsis>
|
Anonymous connections.
|
</adm:synopsis>
|
</adm:value>
|
<adm:value name="simple">
|
<adm:synopsis>
|
Simple bind connections, with bind DN and password.
|
</adm:synopsis>
|
</adm:value>
|
<adm:value name="sasl">
|
<adm:synopsis>
|
SASL/external connections, with a certificate containing the
|
user authentication.
|
</adm:synopsis>
|
</adm:value>
|
</adm:enumeration>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-allowed-auth-method</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
|
<adm:property name="allowed-ldap-port" multi-valued="true">
|
<adm:synopsis>
|
Specifies the allowed LDAP ports for the client connection to match the
|
<adm:user-friendly-name />.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:undefined />
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:enumeration>
|
<adm:value name="ldap">
|
<adm:synopsis>
|
Connection over ldap port.
|
</adm:synopsis>
|
</adm:value>
|
<adm:value name="ldaps">
|
<adm:synopsis>
|
Connection over ldaps port.
|
</adm:synopsis>
|
</adm:value>
|
</adm:enumeration>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-allowed-ldap-port</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
|
<adm:property name="bind-dn-filter" multi-valued="true">
|
<adm:synopsis>
|
Specifies a bind DN filter for the client connection to match the
|
<adm:user-friendly-name />.
|
</adm:synopsis>
|
<adm:description>
|
A valid bind DN filter is a string composed of zero or more
|
wildcards. A double wildcard ** replaces one or more RDN
|
components (as in uid=dmiller,**,dc=example,dc=com). A simple
|
wildcard * replaces either a whole RDN, or a whole type, or a
|
value substring (as in uid=bj*,ou=people,dc=example,dc=com).
|
</adm:description>
|
<adm:default-behavior>
|
<adm:undefined />
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:string />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-bind-dn-filter</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
|
<adm:property name="ip-address-filter" multi-valued="true">
|
<adm:synopsis>
|
Specifies an IP address filter for the <adm:user-friendly-name />.
|
</adm:synopsis>
|
<adm:description>
|
A valid IP address mask can be one of the followings:
|
129.34.55.67
|
129.*.78.55
|
.sun.com
|
foo.sun.com
|
foo.*.sun.*
|
128.*.*.*
|
129.45.23.67/22
|
128.33.21.21/32
|
*.*.*.*
|
129.45.67.34/0
|
foo.com
|
foo
|
2001:fecd:ba23:cd1f:dcb1:1010:9234:4088/124
|
2001:fecd:ba23:cd1f:dcb1:1010:9234:4088
|
[2001:fecd:ba23:cd1f:dcb1:1010:9234:4088]/45
|
::/128
|
::1/128
|
::
|
</adm:description>
|
<adm:default-behavior>
|
<adm:undefined />
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:ip-address-mask />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-ip-address-filter</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
|
<adm:property name="is-security-mandatory">
|
<adm:synopsis>
|
Specifies whether security is mandatory for the
|
<adm:user-friendly-name />.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>
|
false
|
</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:boolean />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-is-security-mandatory</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
|
<adm:property name="user-entry-filter">
|
<adm:synopsis>
|
Specifies a search filter that the entry of a bound client
|
must match.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:undefined />
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:string />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-user-entry-filter</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
|
</adm:managed-object>
|
