Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.
Note: this is an abstract component that cannot be instantiated.
Pass Through Authentication Handlers are used in conjunction with the pluggable pass-through authentication plugin to handle all interaction with the external authentication service.
The following Pass Through Authentication Handlers are available in the server :
These Pass Through Authentication Handlers inherit from the properties described below.
The following components have a direct aggregation relation from Pass Through Authentication Handlers:
The following components have a direct aggregation relation to Pass Through Authentication Handlers:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| description | None |
| included-local-entry-base-dn | |
| connection-criteria | |
| request-criteria |
| Description | A description for this Pass Through Authentication Handler |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | The base DNs for the local users whose authentication attempts may be passed through to the external authentication service. If one or more base DNs are specified, then only binds attempted by users at or below one of those base DNs may be passed through to the external authentication service. If no base DNs are specified, then only the associated pass-through authentication plugin's set of included local entry base DNs will be used. |
| Default Value | None |
| Allowed Values | A valid DN. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | A reference to connection criteria that will be used to indicate which bind requests should be passed through to the external authentication service. If a connection criteria object is specified, then only bind requests from clients that match this criteria may be passed through to the external authentication service. If no connection criteria object is specified, then bind requests from any client may be passed through. |
| Default Value | None |
| Allowed Values | The DN of any Connection Criteria. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | A reference to request criteria that will be used to indicate which bind requests should be passed through to the external authentication service. If a request criteria object is specified, then only bind requests that match this criteria may be passed through to the external authentication service. If no request criteria object is specified, then all bind requests may be passed through. |
| Default Value | None |
| Allowed Values | The DN of any Request Criteria. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
To list the configured Pass Through Authentication Handlers:
dsconfig list-pass-through-authentication-handlers
[--property {propertyName}] ...
To view the configuration for an existing Pass Through Authentication Handler:
dsconfig get-pass-through-authentication-handler-prop
--handler-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Pass Through Authentication Handler:
dsconfig set-pass-through-authentication-handler-prop
--handler-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To delete an existing Pass Through Authentication Handler:
dsconfig delete-pass-through-authentication-handler
--handler-name {name}