| Property Name | Property Value | Default value (for optional properties) |
| --- | --- | --- |
| ldapHost | IP or DNS of the LDAP Directory where users will be created. (All the default LDAP values listed apply to using the SingleBoxUserStore inside the NAM appliance) | localhost |
| ldapPort | LDAP or LDAPS port, usually 389 or 636 | 389 |
| ldapBase | The base container where the users will be created in the LDAP Directory | o=novell |
| ldapAdmin | CN (in LDAP format) of the LDAP administrative account | cn=admin,o=novell |
| ldapPassword | Password of the LDAP administrator | |
| ldapObjectClass | Object class for the users that will be created in the LDAP directory | User |
| debug | Debug level. One of: ALL, TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF | OFF |
| traceid | A string to insert into the log file for easy searching for operations related to this SQL Custom Authentication Class | SQLAUTHN |
| pwdInputCharset | Charset of the incoming password | UTF-8 |
| pwdBinaryEncoding | Binary encoding of the password | Base64 |
| pwdHashAlgorithm | Hash algorithm | SHA-256 |
| pwdDbCharset | Charset in which the password is saved inside the SQL database | UTF-8 |
| sqlDbAdmin | SQL database administrator account name | |
| sqlDbHost | The JDBC-formatted database host of the SQL database. This value differs from one database type to another. For MSSQL, it is jdbc:sqlserver://<ipaddress>;databaseName=<database name>; | |
| sqlDbAdminPwd | SQL database administrator password | |
| sqlPasswordField | The field inside the SQL database that holds the password | Password |
| sqlUserQuery | The SQL database query to locate the user and select the column data to return with it | select Password, FirstName, LastName, Email from dbo.Users where UserID = ? |
| ldapMapping | Maps SQL field name to LDAP attribute name | FirstName=givenName, LastName=sn,Email=mail |
| pwdsEncrypted | Allows the passwords (both LDAP and SQL) to be specified as an encrypted string so that they can't be viewed in clear text in the NAM admin console. The encryption utility is built into the jar and can be used to encrypt the password before specifying the property value. One of: true, false | false |
| authenticationProcess | Whether to use the faster or the safer authentication algorithm. One of: safe, fast | Safe |
| passwordProviderClassName | The password provider class to use for encrypting and decrypting passwords in the SQL database and for encrypting the passwords saved in the NAM configuration. | com.netiq.nam.authn.pwdprovider.DefaultPasswordProvider |
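How sqlUserQuery, sqlPasswordField and ldapMapping fit together, shown as an added Python example (not the authentication class's own code, whose internals this page does not show). It assumes an in-memory SQLite database attached as `dbo` in place of MSSQL, a constructed user row, and hypothetical function names.

```python
import sqlite3

# Property values copied from the table on this page.
SQL_USER_QUERY = ("select Password, FirstName, LastName, Email "
                  "from dbo.Users where UserID = ?")
SQL_PASSWORD_FIELD = "Password"
LDAP_MAPPING = "FirstName=givenName, LastName=sn,Email=mail"


def parse_ldap_mapping(spec):
    """Turn 'SqlField=ldapAttr, ...' into a dict, rejecting malformed pairs."""
    mapping = {}
    for pair in spec.split(","):
        sql_field, sep, ldap_attr = pair.strip().partition("=")
        if not sep or not sql_field.strip() or not ldap_attr.strip():
            raise ValueError(f"malformed ldapMapping entry: {pair!r}")
        mapping[sql_field.strip()] = ldap_attr.strip()
    return mapping


def lookup_user(conn, user_id):
    """Run sqlUserQuery with user_id bound to '?'.

    Returns (stored_password, ldap_attributes), or None if no row matches.
    """
    cur = conn.execute(SQL_USER_QUERY, (user_id,))  # bound, never concatenated
    row = cur.fetchone()
    if row is None:
        return None
    record = dict(zip((d[0] for d in cur.description), row))
    stored_pwd = record.pop(SQL_PASSWORD_FIELD)  # kept out of the LDAP attributes
    mapping = parse_ldap_mapping(LDAP_MAPPING)
    attrs = {mapping[f]: v for f, v in record.items() if f in mapping}
    return stored_pwd, attrs


def demo_db():
    """Constructed stand-in for the MSSQL table: in-memory SQLite attached as 'dbo'."""
    conn = sqlite3.connect(":memory:")
    conn.execute("ATTACH DATABASE ':memory:' AS dbo")
    conn.execute("CREATE TABLE dbo.Users (UserID TEXT PRIMARY KEY, FirstName TEXT,"
                 " LastName TEXT, Password TEXT, Email TEXT, AccountID TEXT)")
    conn.execute("INSERT INTO dbo.Users VALUES (?, ?, ?, ?, ?, ?)",
                 ("juser", "Joe", "User", "CONSTRUCTED-HASH",
                  "juser@example.com", "acct001"))
    return conn
```

Because the user ID is bound to the `?` placeholder, a value containing quotes is compared as a literal ID and matches no row. Columns that the query returns but ldapMapping does not list are dropped rather than written to the directory.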
```
java -jar NamSQLAuthClass.jar <password to encrypt> <password providerclass>
```

```
java -jar SQLNamAuth.jar test com.netiq.nam.authn.pwdprovider.myPwdProv
Encryption: Parameter encryption
Original: test
Encrypted: q7trw3W2Q87gG2lU/gxiNA
Validates: true
```

```
tailf /var/opt/novell/nam/logs/idp/tomcat/catalina.out | grep Wendy
```
```sql
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_PADDING ON
GO
CREATE TABLE [dbo].[Users](
    [UserID] [nvarchar](50) NOT NULL,
    [FirstName] [nvarchar](50) NOT NULL,
    [LastName] [nvarchar](50) NOT NULL,
    [Password] [ntext] NULL,
    [Email] [nvarchar](255) NULL,
    [AccountID] [nvarchar](50) NULL,
    CONSTRAINT [PK_users] PRIMARY KEY CLUSTERED
    (
        [UserID] ASC
    ) WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
GO
SET ANSI_PADDING OFF
GO
ALTER TABLE [dbo].[Users] ADD CONSTRAINT [DF_Users_FirstName] DEFAULT ('') FOR [FirstName]
GO
ALTER TABLE [dbo].[Users] ADD CONSTRAINT [DF_Users_LastName] DEFAULT ('') FOR [LastName]
GO
INSERT dbo.Users (UserID, FirstName, LastName, Password, Email, AccountID)
VALUES ('juser', 'Joe', 'User', 'grzjqAe/95UoN83fth7wTdwyxiUeZecW9mkmhqhXHV1OMHYzbGwxMjM=', 'juser@netiq.com', 'netIQuser001')
GO
```