PingAuthorize Server Documentation Index
Configuration Reference Home

LDAP Server Instance Listener

Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.

Note: this component stores topology administrative data and is mirrored across all servers in the topology. It is not intended to be modified directly and is instead managed by the setup and uninstall tools.

Note: changes to topology configuration objects are immediately and automatically mirrored across all servers, so offline changes are not supported.

LDAP Server Instance Listeners are used to identify listeners to changes related to LDAP server instances defined within the system.

Parent Component
Properties
dsconfig Usage

Parent Component

The LDAP Server Instance Listener component inherits from the Server Instance Listener

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
↓ purpose  None
↓ server-ldap-port
↓ connection-security
↓ listener-certificate

Basic Properties

purpose

Description
Identifies the purpose of this Server Instance Listener.
Default Value
mirrored-config
Allowed Values
mirrored-config - Specifies that this Server Instance Listener is to be used for listening to changes to mirrored data. Mirrored data pertains to cluster-wide configuration data that is mirrored across servers in a topology. It also includes meta-data pertaining to the servers in the topology.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

server-ldap-port

Description
The TCP port number on which the LDAP server is listening.
Default Value
1389
Allowed Values
An integer value. Lower limit is 1. Upper limit is 65535 .
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

connection-security

Description
Specifies the mechanism to use for securing connections to the server.
Default Value
none
Allowed Values
none - Connections to the server will not be secured.

ssl - Connections to the server will be secured using SSL.

starttls - Connections to the server will be secured using StartTLS.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

listener-certificate

Description
The public component of the certificate that the listener is expected to present to clients. When establishing a connection to this server, only the certificate(s) listed here will be trusted. The value of this property should be the PEM-encoded representation of the certificate that the listener presents to clients during TLS negotiation, including the "-----BEGIN CERTIFICATE-----" header and the "-----END CERTIFICATE" footer.
If the listener certificate needs to be updated, then it may be temporarily necessary for this property to have information about the old and new certificates. That can be accomplished by including information about both certificates in the same file, each with their own begin and end headers and footers.
Blank lines, and lines that start with the octothorpe character (#) will be ignored.
Default Value
None
Allowed Values
application/x-x509-server-cert
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Server Instance Listeners:

dsconfig list-server-instance-listeners
     [--property {propertyName}] ...

To view the configuration for an existing Server Instance Listener:

dsconfig get-server-instance-listener-prop
     --listener-name {name}
     --instance-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Server Instance Listener:

dsconfig set-server-instance-listener-prop
     --listener-name {name}
     --instance-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...