Sun Microsystems 8190994 Server User Manual


 
Mapping Subtree Hiding
Directory Proxy Server 5 uses the ids-proxy-con-forbidden-subtree attribute to specify a
subtree of entries to be excluded in any client request. Directory Proxy Server 6.0 provides this
functionality with the allowed-subtrees and prohibited-subtrees properties of a request
ltering policy. For information on hiding subtrees in this way, see “Creating and Conguring a
Resource Limits Policy” in Sun Java System Directory Server Enterprise Edition 6.0
Administration Guide.
If your subtrees are distributed across dierent backend servers, you can use the
excluded-subtrees property of a data view to hide subtrees. For more information on hiding
subtrees in this way, see “Excluding a Subtree From a Data View” in Sun Java System Directory
Server Enterprise Edition 6.0 Reference and “To Congure Data Views With Hierarchy and a
Distribution Algorithm” in Sun Java System Directory Server Enterprise Edition 6.0
Administration Guide.
Mapping Search Request Controls
In Directory Proxy Server 5, search request controls are used to prevent certain kinds of
requests from reaching the LDAP server. In Directory Proxy Server 6.0, this functionality is
provided by setting properties of a request ltering policy and a resource limits policy.
For information on conguring a request ltering policy, see “Creating and Conguring
Request Filtering Policies and Search Data Hiding Rules” in Sun Java System Directory Server
Enterprise Edition 6.0 Administration Guide. For information on conguring a resource limits
policy, see “Creating and Conguring a Resource Limits Policy” in Sun Java System Directory
Server Enterprise Edition 6.0 Administration Guide. For a list of all the properties associated with
a request ltering policy, or a resource limits policy, run the dpadm help-properties
command and search for the object. For example, to locate all properties associated with a
resource limits policy, run the following command:
$ dpconf help-properties | grep resource-limits-policy
In Iplanet Directory Access Router 5.0 (IDAR) these conguration attributes are stored under
ids-proxy-con-Name=group-name,ou=groups,ou=pd2,ou=iDAR,o=services. In Directory
Proxy Server 5.2, these conguration attributes are stored under
ou=groups,cn=user-dened-name,ou=dar-config,o=NetscapeRoot.
The following table maps the Directory Proxy Server 5 search request control attributes to the
corresponding Directory Proxy Server 6.0 properties.
Mappingthe GroupsConguration
SunJavaSystemDirectoryServerEnterpriseEdition6.0 MigrationGuide March200792
SunCondential:Registered