ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How to use the LDAP AUTHSOURCE parm to find an IP Address?

book

Article ID: 53724

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC 24X7 High-Availability Manager for DB2 for z/OS Batch Processor Compile QQF Data Compressor for DB2 for z/OS CA Unicenter NSM RC/Update for DB2 for z/OS DB2 TOOLS- DATABASE MISC Top Secret Top Secret - LDAP

Issue/Introduction

Description:

In LDAP calls do not show the IP Address of the system that has sent the call.

Solution:

If you need to identify the IP Address where calls are coming from into the LDAP server you can change the LDAP Parameter AUTHSOURCE.
The default of AUTHSOURCE is SERVER which will not pass an IP Address. If you change AUTHSOURCE to CLIENT it will then pass the IP ADDRESS in hex during the racroute call at signon . A trace will show the IP ADDRESS in hex which can then be translated to the familiar address.

Here it is an example:
If IP ADDRESS in hex is x'8DCACC23', it will means IP ADDRESS is 141.202.204.52. x'8D' = 141; x'CA' = 202; x'CC' = 204; x'34' = 52.

The AUTHSOURCE parameter needs to be changed in the slapd.conf file and a recycle of the LDAP STC is necessary for the change to take effect.

Environment

Release:
Component: TSSLDP