Top Secret

 View Only

  • 1.  CA LDAP Tips and Tricks

    Posted Oct 07, 2013 05:19 PM
    Did you know:

    1. You can restrict the number of search results form LDAP by using the slapd.conf option 'SizeLimit'. Setting this to -1 will give you unlimited results.

    2. You can append Date and Time to your LDAP stderr log file by making a slight change in the LDAP Started Task Proc. This way you can avoid your stderr log files being overwritten by automation tasks. To do this change the stderr DD statement in your proc:
    //STDERR DD PATH='/u/ldap151/stderr.&YYMMDD.&HHMMSS',

    This will get you: stderr.131007193934
    The output is in GMT, but it is unique.

    3. You can restrict users from performing write actions such as modify,add,delete through LDAP to your ACF2/TSS/Compliance Manager database. The config option 'readonly' will allow you to do this. The default value for this is off, but you can turn it on in the slapd.conf file under the database definition or globally. More information on this can be found in the LDAP product guide.


  • 2.  RE: CA LDAP Tips and Tricks

    Posted Oct 09, 2013 11:54 AM
    You can still put a .log extension on the end of the file name.
    But I needed to put in two dots to make it work.
    For example:

    //STDERR DD PATH='/u/ldap151/stderr.&YYMMDD.&HHMMSS..log',


    Pat


  • 3.  RE: CA LDAP Tips and Tricks

    Posted Oct 09, 2013 01:02 PM
    When having issues with the LDAP connected to Datacom server, you can set the following traces:

    1. To set LDAP trace:
    Issue the following command at the console:

    F LDAP_STC,set,debug,all

    To turn off the debug, issue:

    F LDAP_STC,set,debug,0

    2. To set Datacom server trace, turn on the following in srvini.ini file, that is located in the LDAP install directory.
    # To turn ODBC trace on set ODBC_TRACE=Y. Uncomment ODBC_TRACE_FILE and TRACE_INCLUDE_METHODS. Verify ODBC_TRACE_FILE file path.
    ODBC_TRACE=N
    #ODBC_TRACE_FILE=/usr/lpp/caldapr151/odbc_trace
    #TRACE_INCLUDE_METHODS=SQLALL

    # To turn CCI trace on set CCI_TCP_TRACE=Y. Uncomment and verify CCI_TRACE_FILE file path.
    CCI_TCP_TRACE=N
    #CCI_TRACE_FILE=/usr/lpp/caldapr151/cci_trace

    #To turn WDB trace on set WDB_TRACE=Y. Uncomment and verify WDB_TRACE_FILE file path.
    WDB_TRACE=N
    #WDB_TRACE_FILE=/usr/lpp/caldapr151/wdb_trace

    3. More Datacom Server tracing can be turned on in the Datacom server startup parameter,TRACEON. By default it is NO, switch it to YES to turn on trace.
    TRACEON=YES


  • 4.  RE: CA LDAP Tips and Tricks

    Posted Oct 22, 2013 03:53 PM
    To find the version of the dll in LDAP HFS directory, you can use the -VV command.
    For example:
    To find the version of back_caacf2_utf.dll, you can type in the following command from the directory where it resides.
    ./back_caacf2_utf.dll -VV


  • 5.  RE: CA LDAP Tips and Tricks

    Broadcom Employee
    Posted Oct 23, 2013 05:39 AM
    Very interesting tip Saigujja and good input from Pat as well.
    Thanks for posting it.
    Regards,
    Ollivier