2.1 Setting Up a Basic LDAP Proxy Configuration

The initial setup for LDAP Proxy consists of installing the LDAP Proxy files and NLPManager, and then setting up the listener, back-end server, and connection route policy for your directory server in the nlpconf.xml file. The installation package includes a sample nlpconf.xml file, which is located in the /etc/opt/novell/ldapproxy/conf directory.

LDAP Proxy can be customized by configuring additional listeners, back-end servers, back-end server groups, and policies.

  • Listener: The IP address and the port number where the proxy listens for incoming requests. By default, LDAP Proxy is configured to listen on all interfaces. However, you can customize it to listen only on specific interfaces.

  • Back-end server: The IP address or domain name and port number of the system on which the back-end server is installed. At least one back-end server must be configured. However, if you plan to facilitate load balancing and fault tolerance, a minimum of two back-end servers must be configured.

  • Connection route policy: Specifies where incoming connections are routed. A minimum of one Connection Route policy must be configured. For more information, see Configuring a Connection Route Policy to Block Anonymous Binds in the NetIQ LDAP Proxy 1.6 Administration Guide.

    The <list-policy> node in the nlpconf.xml file contains a sample Connection Route policy that defines where LDAP Proxy must route the incoming connections. Do not delete this node because there must be at least one Connection Route policy defined in the minimum configuration.

You can customize LDAP Proxy by configuring additional listeners, back-end servers, and back-end server groups. You can also define additional policies to filter requests, map schemas, and so on. Optionally, you can define proxy paths and monitoring events. After modifying the nlpconf.xml file, save it and start the nlpd service for the changes to take effect.

LDAP Proxy can be configured on both secure and non-secure ports to communicate with the back-end directory. You make these configuration changes for the Listener and Back-end server components in the nlpconf.xml file. The following sections provide specific instructions for configuring secure and non-secure connections.