[ldap] stanza
This stanza defines configuration key value pairs required for the ISAM servers to communicate with the server associated with an LDAP user registry. The value for the user registry stanza entry (ldap-server-config) is determined by the pd.conf file. The pd.conf file is created when the ISAM runtime component is configured.
The key value pairs used only for the LDAP registry server are in the ldap.conf configuration file in the [ldap] stanza. The LDAP server stanza entries are described separately in [ldap] stanza for ldap.conf. The key value pairs that are for the server configuration files are in the [ldap] stanza of each of the following configuration files:
- The ivmgrd.conf configuration file for the policy server
- The [instance-]ivacld.conf configuration file for the authorization server
- Your resource managers' configuration file for configured LDAP entries
The aznAPI.conf configuration file is provided with ISAM as a sample file for creating our own resource manager configuration file. Developers of service plug-ins typically provide the standard functions. Before implementing service plug-ins, read and thoroughly understand the concepts in the Authorization C API Developer Reference.
- enhanced-pwd-policy
- max-auth-connections
- enable-last-login
- auth-using-compare
- authn-timeout
- bind-dn
- cache-enabled
- cache-group-expire-time
- cache-group-membership
- cache-group-size
- cache-policy-expire-time
- cache-policy-size
- cache-return-registry-id
- cache-use-user-cache
- cache-user-expire-time
- cache-user-size
- default-policy-override-support
- ldap-server-config
- login-failures-persistent
- max-search-size
- port
- prefer-readwrite-server
- search-timeout
- ssl-enabled
- ssl-keyfile
- ssl-keyfile-dn
- ssl-keyfile-pwd
- user-and-group-in-same-suffix
Parent topic: Configuration file stanza reference