Highlighted
robert_maury Absent Member.
Absent Member.
600 views

Protocol used between imanager and eDirectory


Hello,

I would like to understand which protocols are used during an iManager
authentication between iManager and eDirectory.

i have 2 servers : in the server "A" i have iManager service web and 1
eDirectory. In my server "B" i have 1 eDirectory.

Test 1 :

in the Tree login field : i enter my context.

my tcpdump server B return a NCP connection

Test 2 :

in the Tree login field : i enter my server A name + ncp port

my tcpdump server B return a NCP connection

in the Tree login field : i enter my server B name + ncp port

NCP is it the only one protocol used during the authentication ?
How iManager chooses the eDirectory ?
NCP connection between iManager and eDirectory is it encrypted
(ssl....)

best regards


--
robert_maury
------------------------------------------------------------------------
robert_maury's Profile: https://forums.netiq.com/member.php?userid=9145
View this thread: https://forums.netiq.com/showthread.php?t=54071

Labels (1)
0 Likes
3 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Protocol used between imanager and eDirectory

NCP is the primary protocol used. iManager can sometimes use LDAP as well
for certain operations (those around Universal Password, Dynamic Groups,
etc. come to mind) and so in some cases that matters, though
authentication on its own is purely NCP. iManager 2.0 was different,
where authentication was purely LDAP, but that was a long time ago..

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
robert_maury Absent Member.
Absent Member.

Re: Protocol used between imanager and eDirectory


Hello,

Thank you. But why during the test iManager conect to the server B and
not to the server A. It's due to the iManager cache ?

Best regards


--
robert_maury
------------------------------------------------------------------------
robert_maury's Profile: https://forums.netiq.com/member.php?userid=9145
View this thread: https://forums.netiq.com/showthread.php?t=54071

0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Protocol used between imanager and eDirectory

Cache may apply, but I would bet more that it depends on what was
happening within NCP. The Tree field is useful to find the tree, meaning
any server within the tree, but after that iManager will talk to any
server it must for the request involved. For example, if you point to a
server with no replicas, iManager will quickly start talking a box with
replicas. If you point to a box with replicas of this partition, and it
needs access to servers with replicas of that partition, it will
seamlessly make that change (otherwise it would be a lousy tool). What is
happening within that traffic likely matters, and if not then perhaps
caching is at work.

By chance when you did Test 2 were you tracing on both servers? I would
expect to see traffic on server A if you specified server A, even if you
also saw traffic on servers B through Z.


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.