Operating system projected backend

 

The system projected backend has the ability to map i5/OS^® objects as entries within the LDAP-accessible directory tree. The projected objects are LDAP representations of the operating system objects instead of actual entries stored in the LDAP server database.

User profiles are the only objects being mapped or projected as entries within the directory tree. The mapping of user profile objects is referred to as the operating system user projected backend.

LDAP operations are mapped to the underlying operating system objects and LDAP operations perform operating system functions in order to access these objects. All LDAP operations performed on the user profiles are done under the authority of the user profile associated with the client connection.

For more detailed information about the operating system projected backend, see the following:

• User projected directory information tree
  Understand how the suffix and user profiles are represented in a user projected directory information tree.

• LDAP operations
  Understand what LDAP operations can be performed on the projected backend.

• Administrator and replica bind DNs
  You can specify a projected user profile as the configured administrator or replica bind DN. The password of the user profile is used.

• User projected schema
  The object classes and attributes from the projected backend can be found in the server-wide schema.

• Read access to projected users
  By default, the system projection backend provides read access to user profile information to authorized users. Read access to projected users can be enabled or disabled by a configuration setting in the /QIBM/UserData/OS400/DirSrv/ibmslapd.conf file.

 

Parent topic:

Directory Server concepts

 

Related tasks

Granting administrator access to projected users

 

Related reference

Authentication