HP OpenVMS Systems

HP Enterprise Directory

HP OpenVMS Systems

OpenVMS information

» What's new on our site
» Upcoming events
» Configuration and buying assistance
» Send us your comments

HP OpenVMS systems

» OpenVMS software
» Supported Servers
» OpenVMS virtualization
» OpenVMS solutions and partners
» OpenVMS success stories
» OpenVMS service and support
» OpenVMS resources and information
» OpenVMS documentation
» Education and training

Directory Service

» Discuss this Product
» Sign up for Directory and Messaging Newsletter
» Directory and Messaging page

Evolving business value

» Business Systems Evolution
» AlphaServer systems transition planning
» Alpha RetainTrust program

Related links

» HP Integrity servers
» HP Alpha systems
» HP storage
» HP software
» HP products and services
» HP solutions
» HP support
disaster proof
HP Integrity server animation
HP Integrity server animation
Content starts here

» Overview

» Protocols and standards


» FAQs

» Installation requirements


HP Enterprise Directory supports a subset of the Simplified Access Control scheme from the 1993 edition of the standard. This allows administrators to define policies that control access rights (such as read, browse, modify, and remove) to entries and individual attributes within a particular part of the directory (naming context).

HP Enterprise Directory allows for the authentication of users by name and password. It also allows access to be restricted based on network address and for chained operations. HP Enterprise Directory v5.4 on Tru64 UNIX has been certified with the Entrust v5.0 security product.

In addition, HP Enterprise Directory v5.4 supports extensions to the schema object classes and attributes to support the OpenVMS LDAP SYS$ACM Authentication Agent as the first step in enabling network authentication across an OpenVMS environment.


A user is authenticated by a distinguished name and password.

Access control

Certain objects in the directory can have a prescriptive Access Control Information (ACI) attribute. Any subordinate object is protected by whatever prescriptive ACI protects the relevant branch of the Directory Information Tree. Combined with the distinguished name of an authenticated user, a prescriptive ACI can grant these kinds of access:

  • Read
  • Compare
  • Browse
  • Add
  • Modify
  • Remove
  • Filter match
  • Rename
  • Return DN
  • Disclose on error

Secure Sockets Layer (SSL)

OpenVMS v7.3-2 and v8.2 offer the ability to use the SSL port negotiated by LDAPv3. On Tru64 UNIX, this port is available on systems that have the appropriate SSL object libraries installed.

HP Enterprise Directory v5.4 can use this port.

Trust relationships

You can use NCL to set up a trust relationship between two DSAs.