Domain-->Security-->Embedded LDAP

Domain-->Security-->Embedded LDAP

Tasks Related Topics Attributes

Overview

The embedded LDAP server contains user, group, group membership, security role, security policy, and credential map information. By default, each WebLogic Server domain has an embedded LDAP server configured with the default values set for each attribute. The WebLogic Authentication, Authorization, Credential Mapping, and Role Mapping providers use the embedded LDAP server as their database. If you use any of these providers in a new security realm, you may want to change the default values for the embedded LDAP server to optimize its use in your environment.

Tasks

Configuring the Embedded LDAP Server

Related Topics

Introduction to WebLogic Security
Managing WebLogic Security
Securing WebLogic Resources
Programmimg WebLogic Security
Developing Security Providers for WebLogic Server
Securing a Production Environment
The Security topics in the WebLogic Server 8.1 Upgrade Guide
Security FAQ
The Security page in the WebLogic Server documentation

Attributes

Attribute Label

Description

Value Constraints
Credential The credential (usually a password) used to connect to the embedded LDAP server. If this password has not been set, WebLogic Server generates a password at startup, initializes the attribute, and saves the configuration to the config.xml file. If you want to connect to the embedded LDAP server using an external LDAP browser and the embedded LDAP administrator account (cn=Admin), change this attribute from the generated value. Default: nullConfigurable: yesEncrypted: yesReadable: yesWritable: yes
Backup Hour The hour at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Backup Minute attribute to determine the time at which the embedded LDAP server data files are backed up. At the specified time, WebLogic Server suspends writes to the embedded LDAP server, backs up the data files into a zip files in the ldap/backup directory, and then resumes writes. The default is 23. Minimum: 0Maximum: 23Default: 23Configurable: yesReadable: yesWritable: yes
Backup Minute The minute at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Back Up Hour attribute to determine the time at which the embedded LDAP server data files are backed up. The default is 5 minutes. Minimum: 0Maximum: 59Default: 05Configurable: yesReadable: yesWritable: yes
Backup Copies The number of backup copies of the embedded LDAP server data files. This value limits the number of zip files in the ldap/backup directory. The default is 7. Minimum: 0Maximum: 65534Default: 7Configurable: yesReadable: yesWritable: yes
Cache Enabled Specifies whether or not a cache is used with the embedded LDAP server. This cache is used when a managed server is reading or writing to the master embedded LDAP server that is running on the Administration server. Default: trueReadable: yesWritable: yes
Cache Size The size of the cache (in K) that is used with the embedded LDAP server. The default is 32K. Minimum: 0Default: 32Configurable: yesReadable: yesWritable: yes
Cache TTL The time-to-live (TTL) of the cache in seconds. The default is 60 seconds. Minimum: 0Default: 60Configurable: yesReadable: yesWritable: yes
Refresh Replica At Startup Specifies whether or not a Managed server should refresh all replicated data at boot time. This attribute is useful if you have made a large number of changes while the Managed server was not active and you want to download the entire replica instead of having the Administration server push each change to the Managed server. The default is false. Default: falseReadable: yesWritable: yes
Master First Specifies that connections to the master LDAP server (running on the Administration server) should always be made instead of connections to the local replicated embedded LDAP server. This causes the Managed server to retrieve security data from the embedded LDAP server in the Administration server instead of going to the local embedded LDAP server that contains a replica of the information in the Administration server. Default: falseReadable: yesWritable: yes

Attribute Label	Description	Value Constraints
Credential	The credential (usually a password) used to connect to the embedded LDAP server. If this password has not been set, WebLogic Server generates a password at startup, initializes the attribute, and saves the configuration to the config.xml file. If you want to connect to the embedded LDAP server using an external LDAP browser and the embedded LDAP administrator account (cn=Admin), change this attribute from the generated value.	Default: nullConfigurable: yesEncrypted: yesReadable: yesWritable: yes
Backup Hour	The hour at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Backup Minute attribute to determine the time at which the embedded LDAP server data files are backed up. At the specified time, WebLogic Server suspends writes to the embedded LDAP server, backs up the data files into a zip files in the ldap/backup directory, and then resumes writes. The default is 23.	Minimum: 0Maximum: 23Default: 23Configurable: yesReadable: yesWritable: yes
Backup Minute	The minute at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Back Up Hour attribute to determine the time at which the embedded LDAP server data files are backed up. The default is 5 minutes.	Minimum: 0Maximum: 59Default: 05Configurable: yesReadable: yesWritable: yes
Backup Copies	The number of backup copies of the embedded LDAP server data files. This value limits the number of zip files in the ldap/backup directory. The default is 7.	Minimum: 0Maximum: 65534Default: 7Configurable: yesReadable: yesWritable: yes
Cache Enabled	Specifies whether or not a cache is used with the embedded LDAP server. This cache is used when a managed server is reading or writing to the master embedded LDAP server that is running on the Administration server.	Default: trueReadable: yesWritable: yes
Cache Size	The size of the cache (in K) that is used with the embedded LDAP server. The default is 32K.	Minimum: 0Default: 32Configurable: yesReadable: yesWritable: yes
Cache TTL	The time-to-live (TTL) of the cache in seconds. The default is 60 seconds.	Minimum: 0Default: 60Configurable: yesReadable: yesWritable: yes
Refresh Replica At Startup	Specifies whether or not a Managed server should refresh all replicated data at boot time. This attribute is useful if you have made a large number of changes while the Managed server was not active and you want to download the entire replica instead of having the Administration server push each change to the Managed server. The default is false.	Default: falseReadable: yesWritable: yes
Master First	Specifies that connections to the master LDAP server (running on the Administration server) should always be made instead of connections to the local replicated embedded LDAP server. This causes the Managed server to retrieve security data from the embedded LDAP server in the Administration server instead of going to the local embedded LDAP server that contains a replica of the information in the Administration server.	Default: falseReadable: yesWritable: yes