LDAPUserRegistry


This type is a class for model objects.

Configuration to use when users and groups are defined in an LDAP directory service.

Package: security
Supertype: UserRegistry

Classifier ID:  -1
Instance class name:  * Unspecified *
Instance class:  * Unspecified *



Attributes Summary
type : LDAPDirectoryType The type of LDAP server to which to connect.
sslEnabled : EBoolean Whether to enable Secure Socket Layer (SSL) communications between the application server security component and your LDAP directory service. When this setting is enabled, the LDAP SSL settings are used if they are have been specified.
sslConfig : EString Specifies the Secure Socket Layer configuration to use for the LDAP connection.
baseDN : EString Specifies the base distinguished name of the directory service, indicating the starting point for LDAP searches of the directory service. (See RFC 1779 for a discussion of this technique).

Some examples include uid=anyusername, ou=people, and o=ibm. This field is required unless the product will be using a Domino directory service, in which case the administrator can leave the field blank to bind anonymously.

The host name, port, and base DN you specify are combined to form an LDAP URL, such as ldap: //myserver:1234/o=ibm, where myserver:1234 is the host name and optional port number for the directory service, and o=ibm is the base distinguished name.
bindDN : EString Specifies the distinguished name for application server to use to bind to the directory service. If no name is specfied, the application server binds anonymously. See the Base DN field description for examples of distinguished names.
bindPassword : Password Specifies the password for the application server to use to bind to the directory service.
searchTimeout : ELong Specifies the timeout value in seconds for an LDAP server to respond before aborting a request.
monitorInterval : ELong Specifies the time interval in minutes to monitor the aliveness of LDAP server(s).
reuseConnection : EBoolean Should set to true by default to reuse the LDAP connection. Set to false only in rare situations where a router is used to spray requests to multiple LDAP servers and when the router does not support affinity.
searchFilter : LDAPSearchFilter @ Settings for performing searches of the LDAP user registry.
hosts : EndPoint + Specifies one or more LDAP server host name and port.



Attribute Details

type  -  The type of LDAP server to which to connect.
    Data Type: LDAPDirectoryType
    Default value:  unspecified
    Allowed values:
        0 - IBM_DIRECTORY_SERVER
        1 - SECUREWAY
        2 - IPLANET
        3 - NETSCAPE
        4 - DOMINO502
        5 - NDS
        6 - ACTIVE_DIRECTORY
        7 - CUSTOM
    Required:  false
    Changeable:  true
    Unsettable:  true
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

sslEnabled  -  Whether to enable Secure Socket Layer (SSL) communications between the application server security component and your LDAP directory service. When this setting is enabled, the LDAP SSL settings are used if they are have been specified.
    Data Type: EBoolean
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  true
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

sslConfig  -  Specifies the Secure Socket Layer configuration to use for the LDAP connection.
    Data Type: EString
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  false
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

baseDN  -  Specifies the base distinguished name of the directory service, indicating the starting point for LDAP searches of the directory service. (See RFC 1779 for a discussion of this technique).

Some examples include uid=anyusername, ou=people, and o=ibm. This field is required unless the product will be using a Domino directory service, in which case the administrator can leave the field blank to bind anonymously.

The host name, port, and base DN you specify are combined to form an LDAP URL, such as ldap: //myserver:1234/o=ibm, where myserver:1234 is the host name and optional port number for the directory service, and o=ibm is the base distinguished name.
    Data Type: EString
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  false
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

bindDN  -  Specifies the distinguished name for application server to use to bind to the directory service. If no name is specfied, the application server binds anonymously. See the Base DN field description for examples of distinguished names.
    Data Type: EString
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  false
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

bindPassword  -  Specifies the password for the application server to use to bind to the directory service.
    Data Type: Password
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  false
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

searchTimeout  -  Specifies the timeout value in seconds for an LDAP server to respond before aborting a request.
    Data Type: ELong
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  true
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

monitorInterval  -  Specifies the time interval in minutes to monitor the aliveness of LDAP server(s).
    Data Type: ELong
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  true
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

reuseConnection  -  Should set to true by default to reuse the LDAP connection. Set to false only in rare situations where a router is used to spray requests to multiple LDAP servers and when the router does not support affinity.
    Data Type: EBoolean
    Default value:  unspecified
    Required:  false
    Changeable:  true
    Unsettable:  true
    Many:  false
    Ordered:  true
    Lower bound:  0
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

searchFilter  -  Settings for performing searches of the LDAP user registry.
    Reference Type: LDAPSearchFilter @
    Containment:  true
    Container:  false
    Required:  true
    Changeable:  true
    Unsettable:  false
    Many:  false
    Ordered:  true
    Lower bound:  1
    Upper bound:  1
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false

hosts  -  Specifies one or more LDAP server host name and port.
    Reference Type: EndPoint +
    Containment:  true
    Container:  false
    Required:  true
    Changeable:  true
    Unsettable:  false
    Many:  true
    Ordered:  true
    Lower bound:  1
    Upper bound:  Unbounded
    Unique:  true
    Derived:  false
    Transient:  false
    Volatile:  false



(C) COPYRIGHT International Business Machines Corp. 1996-2006