service-source-dn
service-source-dn = <service_pseudo_dn>
Description
Pseudo-distinguished name of the service that issues the password synchronization request. The service-source-dn is for the pseudo-distinguished name for all authentication methods. We can specify more than one pseudo-distinguished name in the value of this configuration entry. Separate the pseudo-distinguished names with a semicolon (;) character. The Password Synchronization Plug-in iterates through the list of service names until it finds an account for one of the services. If the Password Synchronization Plug-in cannot find an account for the specified services, it returns an error message. Each pseudo-distinguished name is a comma-separated list of the following attributes:
The pseudo-distinguished name that is formed from these example values is: erservicename=TAM 6.0 Service,o=International Business Machines, ou=IBM,dc=com.
- The erservicename attribute of the ISAM service name, as defined in ISIM. For example, erservicename=TAM 6.0 Service.
- The o attribute of the organization to which the service belongs. For example, o=International Business Machines.
- The ou and dc attributes from the service distinguished name in ISIM. For example, ou=IBM,dc=com.
Options
<service_pseudo_dn> Service pseudo-distinguished name for all authentication methods.
Usage: If the is_enabled configuration entry in the [itim] stanza is set to true, then configure at least one of the following configuration entries:
- service-source-dn
- service-password-dn
- service-token-card-dn
Default value: None.
Example:
service-source-dn = erservicename=ISAM Employees Service,o=MyCo,ou=IBM,dc=com;erservicename=TAM Customers Service,o=MyCo,ou=IBM,dc=com