Before the form can be used, it must be configured. At a minimum, an option file for the form must be provided as described in Section 220.127.116.11.
If you have a PMDF option file initially created prior to PMDF V5.2,
then you may need to adjust the setting of the PMDF option
FORM_NAMES; see Section 18.104.22.168 for details.
22.214.171.124 Form Option File
The LDAP/X.500 pop-up form requires the use of an option file. On
OpenVMS, the name of the option file is
PMDF_TABLE:x500_form_option. This file must be world
readable. Each line of the option file contains the setting for one
option. An option setting takes the form:
Two required options which must be supplied in the option file are discussed in Section 126.96.36.199. Additional options are described in Section 188.8.131.52; customizing the form for another language is discussed in Section 184.108.40.206.
220.127.116.11 Required Options
In order to use the pop-up LDAP/X.500 addressing form, two options must
be specified in the form's option file. These two options are
LDAP_SERVERS and LDAP_BASE. If either of
these options is not specified, then the form will refuse to run and
will signal an error.5
The LDAP_SERVERS option specifies the TCP/IP host names of
the LDAP servers to use. The option's value takes the form
host3, ... and
port3, ... are, respectively, the TCP/IP hosts and ports to which to connect. The hosts will be attempted in the order listed, from left to right, until a connection is successfully made to one of the hosts or the list is exhausted. IP addresses can be used in place of host names. If the port number is omitted, then the standard LDAP port, port 389, will be used. When omitting the port number, also omit the
For instance, to use the hosts vax1.
LDAP servers, you can specify
The second required option is
LDAP_BASE which specifies
the distinguished name in the LDAP or X.500 tree (DIT) at which to
initially position the form. Usually this will be the top level of your
organization's DSA. E.g.,
LDAP_BASE=o="Process Software, LLC.", st=Massachusetts, c=US
The logicals PMDF_X500_LDAP_SERVERS and PMDF_X500_LDAP_BASE can be used to override the values of
the LDAP_SERVERS and LDAP_BASE options. The
translation value of those two logicals should be the same as the
values used with the option file options. For example,
$ DEFINE PMDF_X500_LDAP_BASE -
    "o=""Process Software, LLC"",st=Massachusetts,c=US"
$ DEFINE PMDF_X500_LDAP_SERVERS -
    "vax1.example.com|admin.example.com+6666|vax2.example.com"
With the PMDF_X500_LDAP_BASE logical, individual users or
groups of users can select a different initial distinguished name at
which to start the form.
18.104.22.168 Controlling Attribute Names
The LDAP/X.500 pop-up form has a default set of attribute names it will
use in requests to the LDAP server as well as a default set of
attribute names it will recognize in responses back from the server.
These names are shown in Table 21-3. These default values can be
controlled with the x_IN and x_OUT options where
"x" is the name of an attribute. x_IN
specifies the attribute name to recognize in responses from the server;
x_OUT the name to use in requests to the server. Note that the
values specified with these options are case sensitive.
|Attribute name||Option name = value||Option name = value|
22.214.171.124 Additional Options
Described below are some additional options which can be specified in
the form's option file.
AUTHORIZATION_METHOD (SIMPLE)
The authorization method to use when binding to an LDAP server. At present, the only supported method is simple authorization.
CHARSET (text string <= 252 characters long)
The character set the form should use. Keyboard input will be translated from this character set to T.61 prior to transmission to the LDAP server; output from the LDAP server will be translated to this character set prior to display upon a terminal. If no character set is specified, then the DEC multinational character set, DEC-MCS, will be used. The selected character set must be one which appears in the
charsets.txt file in the PMDF table directory.6 Note that additional character sets can be added to that file; refer to the PMDF CHBUILD utility documentation for details.
DN (text string <= 252 characters long)
A distinguished name,
DN, to use when binding to an LDAP server. By default, no distinguished name is used. Use the
PASSWORD option to specify any password associated with the
EXTRA_OU (0, 1, or 2)
By default, the pop-up addressing form provides fields for five organizational units (ou) in a distinguished name. With this option, the number of fields can be increased to six (EXTRA_OU=1) or seven (EXTRA_OU=2). The default is EXTRA_OU=0. These additional fields appear at the expense of making the form look more cluttered.
FILTERFILE (text string <= 252 characters long)
The complete file specification for an LDAP filter file to use for constructing search filters. By default, the file
ldapfilter.conf in the PMDF table directory is used. See Section 126.96.36.199 for additional details.
HELPFILE (text string <= 252 characters long)
The complete file specification for a text file containing help information. The contents of this file will be displayed when help is requested from the main addressing screen. By default, the file used is the OpenVMS file
PMDF_DOC:x500_form.hlp. See also the MENU_HELPFILE option.
LDAP_BASE (text string <= 252 characters long)
The initial distinguished name at which to position the form. See Section 188.8.131.52 for details.
LDAP_SERVERS (text string <= 252 characters long)
A list of one or more LDAP servers to use. See Section 184.108.40.206 for details.
MENU_HELPFILE (text string <= 252 characters long)
The complete file specification for a text file containing help information. The contents of this file will be displayed when help is requested from within a selection menu. By default, the file used is
PMDF_DOC:x500_form_menu.hlp. See also the
NEXT (K, L, N, or P)
The control character which can be entered to move to the next address when more than one address is being entered. By default,
CTRL/N (NEXT=N) is the control character keystroke used.
PASSWORD (text string <= 252 characters long)
This option can be used in conjunction with the
DN option to specify a password to use when binding to an LDAP server. Because the option file must be world readable, a password stored in it can be read by any user on the system.
PREV (K, L, N, or P)
The control character which can be entered to move to the previous address when more than one address is being entered. By default,
CTRL/P (PREV=P) is the control character keystroke used.
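The option file and LDAP_SERVERS syntax described above, as an added example that is not part of the PMDF documentation: a Python check that parses option=value lines, expands the server list in connection order, and reports missing required options or a stored PASSWORD. The | and + separators are taken from the DEFINE example earlier on this page; the sample file contents, the DN and the function names are constructed for illustration.

```python
DEFAULT_LDAP_PORT = 389  # standard LDAP port used when an entry has no +port

# Constructed sample option file (values are illustrative, not from a real site).
SAMPLE_OPTION_FILE = """\
LDAP_SERVERS=vax1.example.com|admin.example.com+6666|vax2.example.com
LDAP_BASE=o="Process Software, LLC.", st=Massachusetts, c=US
DN=cn=form-reader, o="Process Software, LLC.", c=US
PASSWORD=constructed-sample-secret
EXTRA_OU=1
"""

def parse_options(text):
    """Return {NAME: value}; split on the first '=' only, since DNs contain '='."""
    options = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or "=" not in line:
            continue
        name, value = line.split("=", 1)
        options[name.strip().upper()] = value.strip()
    return options

def parse_servers(value):
    """Split 'host+port|host|...' into (host, port) pairs in connection order."""
    servers = []
    for entry in value.split("|"):
        host, sep, port = entry.strip().partition("+")
        if not host:
            raise ValueError(f"empty host in LDAP_SERVERS entry {entry!r}")
        servers.append((host, int(port) if sep else DEFAULT_LDAP_PORT))
    return servers

def audit(options):
    """Return findings: missing required options, stored password, bad EXTRA_OU."""
    findings = []
    for required in ("LDAP_SERVERS", "LDAP_BASE"):
        if not options.get(required):
            findings.append(f"missing required option {required}")
    if "PASSWORD" in options:
        findings.append("PASSWORD stored in a world-readable option file")
    if "PASSWORD" in options and "DN" not in options:
        findings.append("PASSWORD set without DN")
    if options.get("EXTRA_OU", "0") not in ("0", "1", "2"):
        findings.append(f"EXTRA_OU={options['EXTRA_OU']} is outside 0..2")
    return findings

if __name__ == "__main__":
    opts = parse_options(SAMPLE_OPTION_FILE)
    print(parse_servers(opts["LDAP_SERVERS"]), audit(opts))
```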
220.127.116.11 Filter File
The directory search strategies used by the terminal-based form are
specified in a LDAP filter file. By default, the file
ldapfilter.conf from the PMDF table directory is used; an
alternate file can be selected with the
From the filter file, the form uses those filters with tag names of the
x designates the type of field being searched:
st (country, common name, locality, organization, organizational unit, and state). Should you want to alter any of these filters, you should create your own filter file and direct the form to use it with the
FILTERFILE option. Do not modify the supplied
ldapfilter.conf file. Otherwise, your changes will be lost when you upgrade or reinstall PMDF.
See Section 18.104.22.168 for a further discussion of the
ldapfilter.conf file and creating your own filter file.
22.214.171.124 Changing Languages
x500_form_option.sample in the PMDF table
directory is a sample option file which specifies the default option
values used by the LDAP/X.500 pop-up form. In that option file, there
appear a large number of options beginning with
options, which are not documented here, can be used to control the text
appearing in labels, prompts, and messages. They allow customization of
the form for use with languages other than English. See also the
description of the
MENU_HELPFILE options in Section 126.96.36.199.
5 If the