Page created: 4 Feb 2020
|
Page updated: 22 Jul 2020
PingDirectory Servers perform some numeric IP address-to-host
name lookups, including the following:
- Binding to the Directory: Decoding, examining, or evaluating a DNS bind rule
- Logging: Logging information to certain monitors or writing to the error log
- JMX: Creating a server socket
- Key Management: Generating a truststore
- Replication Server: Creating an SSL socket
- Replication Session Management: Obtaining a session or performing a handshake with a replication server
- SASL Authentication: Applying configuration changes
- SMTP Alert Handler: Initializing or sending an alert notification
Address masks configured in Access Control Lists (ACIs), Connection Handlers, Connection
Criteria, and Certificate handshake processing may trigger implicit reverse name lookups.
For more information about how address masks are configured in the server, review the
following information for each server:
- ACI dns: bind rules under Managing Access Control (Directory Server and Directory Proxy Server)
-
ds-auth-allowed-address
: Adding Operational Attributes that Restrict Authentication (Directory Server) - Connection Criteria: Restricting Server Access Based on Client IP Address (Directory Server and Directory Proxy Server)
- Connection Handlers: restrict server access using Connection Handlers (Configuration Reference Guide for all servers)