NCLHELP.HLB  —  Directory Module, DSA  Characteristics  Trusted DSA Names
 The Trusted DSA Names attribute can contain a list of trusted
 DSAs.

 Syntax:
 	SET DSA TRUSTED DSA NAMES {<aetitle>, ....}

 where <aetitle> is the AE title of a DSA that is to be trusted,
 for example:

 	"/C=US/O=Abacus/OU=Sales/CN=DSA1"

 The list contains the AE title of each trusted DSA.
 Refer to DSA Common_Datatypes for more information
 on how to specify an AE title.

 The default value is an empty list of AE titles, which means
 that this DSA trusts no other DSAs.

 Trust enables this DSA to accept another DSA's claim that
 a user has authenticated satisfactorily. This enables chained
 requests to be satisfied, rather than requiring a user to
 authenticate specifically to the DSA that holds the information
 they want to access.

 Note that this attribute is not the recommended way to implement
 trust between DSAs. Refer to the management guide for details of
 how to create directory entries to represent trusted DSAs.

 Note also that this attribute has no effect on DSA communications
 for other purposes, such as replication.

 Note also that the DSA refers to the value of this attribute
 whenever it receives a new connection. Once a connection is
 established, the caller is treated as a trusted DSA for as
 long as the connection lasts. Changing the value of the
 attribute has no effect on existing connections, only on
 subsequent connections.
Close Help