Detailed instructions for use are in the User's Guide.
[. . . ] Novell eDirectory 8. 8 Administration Guide
novdocx (en) 6 April 2007
Novell eDirectory
8. 8 SP2
October 12, 2007
TM
www. novell. com ADMINISTRATION GUIDE
novdocx (en) 6 April 2007
Legal Notices
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. [. . . ] If no RETURN declaration is made, a default value of SEND is returned. For example:
RETURN SEND; RETURN DONT_SEND; RETURN L1;
Assignment The assignment declaration changes the value of a symbol using the := characters. The defined variable or system variable is stated first, then the := with a value, variable, or operation following. For example:
variable. field:=expression; variable:=expression;
t1 and t2 are of type TIME, i1 and i2 are type INTEGER, and b1 and b2 are Boolean valid assignments:
t1 b1 i1 b2 := := := := t2; t1 < t2; t1. mday - 15; t2. year < 2000
Invalid assignments:
b1 := 10 < i2 < 12;
(10 < i2) is Boolean, and a BOOLEAN cannot be compared to an INTEGER. For example:
b2 := i1;
310 Novell eDirectory 8. 8 Administration Guide
novdocx (en) 6 April 2007
b2 is Boolean and i1 is INTEGER. Arithmetic Operators You can include arithmetic operators in assignment declarations, RETURN declarations, or IF constructions. The valid operators are Addition (+) Subtraction (-) Division (/) Multiplication (*) Module (MOD) Use only INT variable types with arithmetic operators. Do not use TIME, NETADDRESS, or BOOLEAN variable types in arithmetic expressions. Avoid operations that result in values outside of the range -2147483648 to +2147483648 or division by 0. Relational Operators You can use relational operators in IF constructions. The valid operators are Equal to (=) Not equal to (< >) Greater than (>) Greater than or equal to (>=) Less than (<) Less than or equal to (<=) You can use any relational operators with TIME and INT variable types. You can also use < > and = with NET ADDRESS and BOOLEAN variable types. Logical Operators The valid operators are AND OR NOT Less than (<) Greater than (>) Equal to (=)
WAN Traffic Manager
311
novdocx (en) 6 April 2007
Bitwise Operators You can use bitwise operators on INT variable types to return an integer value. The valid operators are BITAND BITOR BITNOT Complex Operations The following precedence rules are enforced when processing complex expressions. The order is as follows: Parenthesis Unary (+/-) BITNOT BITAND BITOR Multiplication, division, MOD Addition, subtraction Relational (>, >=, <, <=, =) NOT AND OR If you are not certain of precedence, use parentheses. For example, if A, B, and C are integers or variables, A<B<C is not allowed. A<B would return a Boolean value, not an integer value, which cannot be compared to an integer C. PRINT You can use PRINT declarations to send text and symbol values to the server's WAN Traffic Manager display screen and to the log file. PRINT statements can have any number of arguments that can be literal strings, symbol names or members, integer values, or Boolean values, separated by commas. For example:
PRINT "INT=", 10, "BOOL=", TRUE, "SYM=", R1;
TIME and NETADDRESS variables use formatted PRINT declarations. TIME symbols are printed as follows:
m:d:y h:m
NETADDRESS variables are printed as follows:
Type length data
Type is either IP or IPX, length is the number of bytes, and data is the hexadecimal address string.
312 Novell eDirectory 8. 8 Administration Guide
novdocx (en) 6 April 2007
Understanding LDAP Services for Novell eDirectory
13
13
The Lightweight Directory Access Protocol (LDAP) is an Internet communications protocol that lets client applications access directory information. It is based on the X. 500 Directory Access Protocol (DAP) but is less complex than a traditional client and can be used with any other directory service that follows the X. 500 standard. [. . . ] Specify the password and confirm the password, then select the encryption type and salt type combination. 6 (Optional) To set the password for another principal, click Repeat Task.
Configuring GSSAPI with eDirectory 621
novdocx (en) 6 April 2007
E. 3. 4 Editing Foreign Principals
You can add Kerberos principal names to the eDirectory users using iManager. 1 In iManager, click Kerberos Management > Edit Foreign Principals to open the Edit Foreign Principals page. 2 Specify the FDN of a valid User object or use the Object Selector icon to select the User object reference. [. . . ]