Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.
Note: this component stores topology administrative data and is mirrored across all servers in the topology. It is not intended to be modified directly and is instead managed by the setup and uninstall tools.
Note: changes to topology configuration objects are immediately and automatically mirrored across all servers, so offline changes are not supported.
LDAP Server Instance Listeners are used to identify listeners to changes related to LDAP server instances defined within the system.
The LDAP Server Instance Listener component inherits from the Server Instance Listener
The properties supported by this managed object are as follows:
Basic Properties: | Advanced Properties: |
---|---|
purpose | None |
server-ldap-port | |
connection-security | |
listener-certificate |
Description | Identifies the purpose of this Server Instance Listener. |
Default Value | mirrored-config |
Allowed Values | mirrored-config - Specifies that this Server Instance Listener is to be used for listening to changes to mirrored data. Mirrored data pertains to cluster-wide configuration data that is mirrored across servers in a topology. It also includes meta-data pertaining to the servers in the topology. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
Description | The TCP port number on which the LDAP server is listening. |
Default Value | 1389 |
Allowed Values | An integer value. Lower limit is 1. Upper limit is 65535 . |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Description | Specifies the mechanism to use for securing connections to the server. |
Default Value | none |
Allowed Values | none - Connections to the server will not be secured. ssl - Connections to the server will be secured using SSL. starttls - Connections to the server will be secured using StartTLS. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Description | The public component of the certificate that the listener is expected to present to clients. When establishing a connection to this server, only the certificate(s) listed here will be trusted. The value of this property should be the PEM-encoded representation of the certificate that the listener presents to clients during TLS negotiation, including the "-----BEGIN CERTIFICATE-----" header and the "-----END CERTIFICATE" footer. If the listener certificate needs to be updated, then it may be temporarily necessary for this property to have information about the old and new certificates. That can be accomplished by including information about both certificates in the same file, each with their own begin and end headers and footers. Blank lines, and lines that start with the octothorpe character (#) will be ignored. |
Default Value | None |
Allowed Values | application/x-x509-server-cert |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
To list the configured Server Instance Listeners:
dsconfig list-server-instance-listeners [--property {propertyName}] ...
To view the configuration for an existing Server Instance Listener:
dsconfig get-server-instance-listener-prop --listener-name {name} --instance-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Server Instance Listener:
dsconfig set-server-instance-listener-prop --listener-name {name} --instance-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...