LDAP Advanced Configuration dialog box
This table shows the parameters for the LDAP Advanced Configuration dialog box:
Parameter | Description |
---|---|
Attribute for User ID | Specify an attribute name that is used for resolving the user ID from a list of LDAP attributes for a user. The default value is "sAMAccountName". |
User Classes | Specify common classes for users. The default value is "organizationalPerson,person,top,user". |
Group Classes | Specify common classes for groups. The default value is "group,top". |
Server Classes | Specify common classes for servers. The default value is "computer,top". |
User/Server/Group Search Base | Each of these fields is a distinguished name that specifies the LDAP entry under which all users, groups, or servers are stored. For example, when the security server searches all users, it only searches entries under User Search Base. If a field is blank, then a default value is used. The default value of each search base is calculated from the default domain. For example, if the default domain is "infor.com", then the default user search base is "DC=infor, DC=com". |
ACL Organization Unit | Specify an organization unit in the LDAP directory for storing the ACL configuration for all resources in managed Cloverleaf host servers. During synchronization, the Cloverleaf security server synchronizes the ACL configuration stored under the ACL Organization Unit on the LDAP server with the ACL configuration in the Cloverleaf security server. If this is not specified, then the Cloverleaf security server skips ACL synchronization. If the organization unit does not exist on the LDAP server, then the Cloverleaf security server creates it the first time it accesses the ACL organization unit on the LDAP server. |
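
The search-base scoping described in the table can be checked before a base is entered in the dialog. The following Python sketch is an added example, not Cloverleaf code: it derives the default base from a domain and tests which entry DNs fall under a base. The function names and sample DNs are hypothetical, case-insensitive comparison is an assumption, and multi-valued RDNs (`+`) are not handled.

```python
def default_search_base(domain):
    """Default base from the default domain: infor.com -> DC=infor,DC=com."""
    labels = [p for p in domain.strip().strip(".").split(".") if p]
    if not labels:
        raise ValueError("empty domain")
    return ",".join("DC=" + p for p in labels)


def split_rdns(dn):
    """Split a DN into normalised RDNs, keeping backslash-escaped commas intact."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]          # escaped character stays inside the RDN
            i += 2
            continue
        if dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i]
        i += 1
    parts.append(cur)
    rdns = []
    for part in parts:
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError("malformed RDN: %r" % part)
        # Assumption: attribute types and values compare case-insensitively.
        rdns.append(attr.strip().lower() + "=" + value.strip().lower())
    return rdns


def is_under(entry_dn, base_dn):
    """True if entry_dn is the base entry itself or lies below it."""
    entry, base = split_rdns(entry_dn), split_rdns(base_dn)
    return len(entry) >= len(base) and entry[-len(base):] == base


# Constructed sample entries, not taken from any real directory.
SAMPLE_DNS = [
    "CN=jdoe,OU=Staff,DC=infor,DC=com",
    "CN=Doe\\, Jane,OU=Staff,dc=INFOR,dc=com",
    "CN=a,OU=x\\,DC=infor,DC=com",   # escaped comma: really under DC=com only
    "CN=svc,DC=other,DC=com",
]

def in_scope(dns, base_dn):
    return [dn for dn in dns if is_under(dn, base_dn)]

if __name__ == "__main__":
    print(in_scope(SAMPLE_DNS, default_search_base("infor.com")))
```

The third sample entry ends with the text of the base but is not under it, which is why the comparison is done per RDN rather than with a string suffix match.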