
Mapping the Network Group Object
Directory Proxy Server 5 groups are congured by setting the attributes of the
ids-proxy-sch-NetworkGroup object class. These attributes can be mapped to properties of
Directory Proxy Server 6.0 connection handlers, data sources and listeners. For a list of all the
properties related to these objects, run the dpconf help-properties command, and search for
the object. For example, to locate all the properties of a connection handler, run the following
$ dpconf help-properties | grep connection-handler
In Iplanet Directory Access Router 5.0 (IDAR) these conguration attributes are stored under
ids-proxy-con-Name=group-name,ou=groups,ou=pd2,ou=iDAR,o=services. In Directory
Proxy Server 5.2, these conguration attributes are stored under
The following table maps Directory Proxy Server 5 network group attributes to the
corresponding Directory Proxy Server 6.0 properties and describes how to set these properties
by using the command line.
TABLE 6–5 MappingBetween Version5 Network Group Attributes and 6.0Properties
DirectoryProxyServer5NetworkGroupAttribute DirectoryProxyServer6.0Property
ids-proxy-con-Client domain-name-filters and ip-address-filters
properties of aconnection handler
ids-proxy-con-include-property No equivalent
ids-proxy-con-include-rule No equivalent
ids-proxy-con-ssl-policy:ssl_required Set this as a connectionhandler property by using the
following command:
$ dpconf set-connection-handler-prop
CONNECTION-HANDLER-NAME is-ssl-mandatory:true
ids-proxy-con-ssl-policy:ssl_optional Set this as an LDAP datasource property by using the
following command:
$ dpconf set-ldap-data-source-prop ds1
ids-proxy-con-ssl-policy:ssl_unavailable Set this asa connection handler property by usingthe
following command:
$ dpconf set-connection-handler-prop
CONNECTION-HANDLER-NAME is-ssl-mandatory:false
Mappingthe GroupsConguration
Chapter6 • Migrating DirectoryProxyServer 89