Specifies a set of host names or address masks that determine the clients that are allowed to establish connections to this Administration Connector.Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask.
Default Value
All clients with addresses that do not match an address on the deny list are allowed. If there is no deny list, then all clients are allowed.
Allowed Values
An IP address mask
Multi-valued
Yes
Required
No
Admin Action Required
None. Changes to this property take effect immediately and do not interfere with connections that may have already been established.
Advanced Property
No
Read-only
No
denied-client
Description
Specifies a set of host names or address masks that determine the clients that are not allowed to establish connections to this Administration Connector.Valid values include a host name, a fully qualified domain name, a domain name, an IP address, or a subnetwork with subnetwork mask. If both allowed and denied client masks are defined and a client connection matches one or more masks in both lists, then the connection is denied. If only a denied list is specified, then any client not matching a mask in that list is allowed.
Default Value
If an allow list is specified, then only clients with addresses on the allow list are allowed. Otherwise, all clients are allowed.
Allowed Values
An IP address mask
Multi-valued
Yes
Required
No
Admin Action Required
None. Changes to this property take effect immediately and do not interfere with connections that may have already been established.
Advanced Property
No
Read-only
No
key-manager-provider
Description
Specifies the name of the key manager that is used with the Administration Connector .
Default Value
None
Allowed Values
The DN of any Key Manager Provider. The referenced key manager provider must be enabled.
Multi-valued
No
Required
Yes
Admin Action Required
Restart the server
Advanced Property
No
Read-only
No
listen-address
Description
Specifies the address or set of addresses on which this Administration Connector should listen for connections from LDAP clients.Multiple addresses may be provided as separate values for this attribute. If no values are provided, then the Administration Connector listens on all interfaces.
Default Value
0.0.0.0
Allowed Values
An IP address
Multi-valued
Yes
Required
No
Admin Action Required
Restart the server
Advanced Property
No
Read-only
No
listen-port
Description
Specifies the port number on which the Administration Connector will listen for connections from clients.Only a single port number may be provided.
Default Value
None
Allowed Values
An integer value. Lower value is 1. Upper value is 65535 .
Multi-valued
No
Required
Yes
Admin Action Required
The Administration Connector must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
No
Read-only
No
ssl-cert-nickname
Description
Specifies the nicknames (also called the aliases) of the keys or key pairs that the Administration Connector should use when performing SSL communication. The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key.
Default Value
Let the server decide.
Allowed Values
A String
Multi-valued
Yes
Required
Yes
Admin Action Required
Restart the server
Advanced Property
No
Read-only
No
ssl-cipher-suite
Description
Specifies the names of the SSL cipher suites that are allowed for use in SSL communication.
Default Value
Uses the default set of SSL cipher suites provided by the server's JVM.
Allowed Values
A String
Multi-valued
Yes
Required
No
Admin Action Required
None. Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
Advanced Property
No
Read-only
No
ssl-protocol
Description
Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
Default Value
Uses the default set of SSL protocols provided by the server's JVM.
Allowed Values
A String
Multi-valued
Yes
Required
No
Admin Action Required
None. Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.
Advanced Property
No
Read-only
No
trust-manager-provider
Description
Specifies the name of the trust manager that is used with the Administration Connector .
Default Value
None
Allowed Values
The DN of any Trust Manager Provider. The referenced trust manager provider must be enabled.