Static Service Discovery Mechanism
A Static Service Discovery Mechanism returns a fixed list of LDAP directory servers.
A change in configuration to any of the specified directory servers must be manually applied on all Static Service Discovery Mechanisms that reference it.
Parent
The Static Service Discovery Mechanism object inherits from Service Discovery Mechanism.
Static Service Discovery Mechanism properties
You can use configuration expressions to set property values at startup time. For details, see Property value substitution.
| Basic Properties | Advanced Properties |
|---|---|
discovery-interval |
discovery-interval
Synopsis |
Interval between two server configuration discovery executions. |
Description |
Specifies how frequently to read the configuration of the servers in order to discover their new information. |
Default value |
60s |
Allowed values |
Uses duration syntax. Lower limit: 1 seconds. |
Multi-valued |
No |
Required |
No |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
key-manager-provider
Synopsis |
Specifies the name of the key manager that should be used with this Static Service Discovery Mechanism. |
Default value |
None |
Allowed values |
The name of an existing key-manager-provider. The referenced key manager provider must be enabled when the Static Service Discovery Mechanism is enabled and configured to use SASL/External certificate authentication. |
Multi-valued |
No |
Required |
No |
Admin action required |
None Changes to this property take effect immediately, but only for subsequent attempts to access the key manager provider for associated client connections. |
Advanced |
No |
Read-only |
No |
primary-server
Synopsis |
Specifies a list of servers that will be used in preference to secondary servers when available. |
Description |
When using an IPv6 address as the hostname, put brackets around the address as in "[IPv6Address]:port". |
Default value |
None |
Allowed values |
A host name or an IP address followed by a ":" and a port number. Port number must be greater than 1 and less than 65535. |
Multi-valued |
Yes |
Required |
No |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
secondary-server
Synopsis |
Specifies a list of servers that will be used in place of primary servers when all primary servers are unavailable. |
Description |
When using an IPv6 address as the hostname, put brackets around the address as in "[IPv6Address]:port". |
Default value |
None |
Allowed values |
A host name or an IP address followed by a ":" and a port number. Port number must be greater than 1 and less than 65535. |
Multi-valued |
Yes |
Required |
No |
Admin action required |
None |
Advanced |
No |
Read-only |
No |
ssl-cert-nickname
Synopsis |
Specifies the nicknames (also called the aliases) of the keys or key pairs that the Static Service Discovery Mechanism should use when performing SSL communication. |
Description |
The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. This is only applicable when the Static Service Discovery Mechanism is configured to use SSL. |
Default value |
Let the server decide. |
Allowed values |
A string. |
Multi-valued |
Yes |
Required |
No |
Admin action required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
No |
Read-only |
No |
ssl-cipher-suite
Synopsis |
Specifies the names of the SSL cipher suites that are allowed for use in SSL or TLS communication. |
Default value |
Uses the default set of SSL cipher suites provided by the server’s JVM. |
Allowed values |
A string. |
Multi-valued |
Yes |
Required |
No |
Admin action required |
None Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change. |
Advanced |
No |
Read-only |
No |
ssl-protocol
Synopsis |
Specifies the names of the SSL protocols that are allowed for use in SSL or TLS communication. |
Default value |
Uses the default set of SSL protocols provided by the server’s JVM. |
Allowed values |
A string. |
Multi-valued |
Yes |
Required |
No |
Admin action required |
None Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change. |
Advanced |
No |
Read-only |
No |
trust-manager-provider
Synopsis |
Specifies the name of the trust manager that should be used with the Static Service Discovery Mechanism. |
Default value |
None |
Allowed values |
The name of an existing trust-manager-provider. The referenced trust manager provider must be enabled when this Static Service Discovery Mechanism is configured to use SSL or StartTLS. |
Multi-valued |
No |
Required |
No |
Admin action required |
None Changes to this property take effect immediately, but only for subsequent attempts to access the trust manager provider for associated client connections. |
Advanced |
No |
Read-only |
No |
use-sasl-external
Synopsis |
Indicates whether the Static Service Discovery Mechanism should use certificate based authentication when communicating with backend servers. |
Description |
If enabled, the Static Service Discovery Mechanism will use mutual TLS when connecting to backend servers. Once the TLS handshake has completed, a SASL/External LDAP bind request will be sent in order to associate the TLS client certificate with an LDAP account on the remote backend server. A key manager provider containing the client certificate must be configured in order to use this feature. |
Default value |
false |
Allowed values |
true false |
Multi-valued |
No |
Required |
No |
Admin action required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
No |
Read-only |
No |
use-ssl
Synopsis |
Indicates whether the Static Service Discovery Mechanism should use SSL. |
Description |
If enabled, the Static Service Discovery Mechanism will use SSL to encrypt communication with the clients. |
Default value |
false |
Allowed values |
true false |
Multi-valued |
No |
Required |
No |
Admin action required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
No |
Read-only |
No |
use-start-tls
Synopsis |
Indicates whether the Static Service Discovery Mechanism should use Start TLS. |
Description |
If enabled, the Static Service Discovery Mechanism will use Start TLS to encrypt communication with remote servers. |
Default value |
false |
Allowed values |
true false |
Multi-valued |
No |
Required |
No |
Admin action required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
No |
Read-only |
No |
Advanced properties
Use the --advanced
option to access advanced properties.
java-class
Synopsis |
Specifies the fully-qualified name of the Java class that provides the Static Service Discovery Mechanism implementation. |
Default value |
org.opends.server.discovery.StaticServiceDiscoveryMechanism |
Allowed values |
A Java class that extends or implements:
|
Multi-valued |
No |
Required |
Yes |
Admin action required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
Yes |
Read-only |
No |