LDAP Profiles

An LDAP profile holds the connection and search settings used to log in to an LDAP directory and to extract information from it, for example by advanced OID (Oracle Internet Directory) synchronization or by the login portlet.

Properties

This section describes the properties of an LDAP profile, as shown on the corresponding Edit pane tabs. Each property is listed by name, followed by its description.
Profile name

Type the name of the profile.

Server name

Type the host name or IP address of the remote directory from which the user information will be synchronized.

Server port

Type the port number the remote directory is listening on. The default LDAP port is 389.

Administrator

Specify the account used to connect to the remote directory.

In Oracle Internet Directory this is typically the super-user cn=orcladmin, but another account can be used as long as it has the required privileges. The account must be able to read the change log of the remote directory and, if the configuration chooses to create new objects (groups) there, to create objects in the remote directory.

Password

Type the password of the administrator.

Group level (top)

Specify the top level of the remote directory under which groups are located.

A typical top level would be cn=portal.070104.174902.679720000,cn=Groups,dc=demo,dc=iknowbase,dc=com

User-searchfilter

Specify a filter to use when searching for users to synchronize.

There might be cases where not all objects placed under the LDAP user top level should be used. This can be accomplished by providing a filter here. By default the filter is objectClass=orclAdUser, which means that only objects carrying the object class orclAdUser will be synchronized. If all objects are to be synchronized, you may use a wildcard search filter such as objectClass=*

Group-searchfilter

Specify a filter to use when searching for groups to synchronize.

There might be cases where not all objects placed under the group top level should be used. This can be accomplished by providing a filter here. By default the filter is objectClass=orclgroup, which means that only objects carrying the object class orclgroup will be synchronized. If all objects are to be synchronized, you may use a wildcard search filter such as objectClass=*

User level (top)

Specify the top level of the remote directory where the objects to be synchronized are placed. These objects are referred to as users, but they might be other types of LDAP objects as well.

LDAP implementation

Select either Microsoft Active Directory or Oracle Internet Directory.

Use paging mechanism

Can be used when the number of users is high. When bootstrapping, the LDAP server may limit the number of entries returned by a single search, for example to 20000. If the result set exceeds that limit, the search fails and the bootstrap fails with it. Enable this flag to let the bootstrap function fetch the users in smaller sets (pages) instead. Note: using this flag might have an impact on performance.
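To illustrate the search-filter and paging behaviour described above, here is an added Python example (not code from the product or from this page) that simulates a directory enforcing a result size limit; the user top level DN and the entries are constructed, and only the simple equality filters used on this page are supported.

```python
from typing import Optional

# Constructed sample directory (not real data). The filters mirror the
# page's defaults; the user top level DN below is an assumption.
USER_TOP = "cn=Users,dc=demo,dc=iknowbase,dc=com"
ENTRIES = [
    {"dn": f"cn=user{i},{USER_TOP}", "objectClass": ["top", "person", "orclAdUser"]}
    for i in range(1, 5)
] + [{"dn": f"cn=svc1,{USER_TOP}", "objectClass": ["top", "person"]}]


class SizeLimitExceeded(Exception):
    """Raised when an unpaged result would exceed the server's size limit."""


def matches_filter(entry: dict, search_filter: str) -> bool:
    # Handles equality filters such as objectClass=orclAdUser and the
    # wildcard objectClass=*; surrounding parentheses are optional.
    attr, _, value = search_filter.strip("()").partition("=")
    values = entry.get(attr, [])
    if value == "*":
        return bool(values)
    return value.lower() in (v.lower() for v in values)


def server_search(base: str, search_filter: str, size_limit: int,
                  page_size: Optional[int] = None, cookie: int = 0):
    """Simulated directory search. Without page_size it behaves like a plain
    search that fails once the result exceeds size_limit; with page_size it
    returns one page plus a cookie for the next page (None when done)."""
    matching = [e["dn"] for e in ENTRIES
                if e["dn"].endswith("," + base) and matches_filter(e, search_filter)]
    if page_size is None:
        if len(matching) > size_limit:
            raise SizeLimitExceeded(f"{len(matching)} entries exceed limit {size_limit}")
        return matching, None
    page = matching[cookie:cookie + page_size]
    next_cookie = cookie + page_size if cookie + page_size < len(matching) else None
    return page, next_cookie


def bootstrap(base: str, search_filter: str, use_paging: bool,
              size_limit: int = 3, page_size: int = 2) -> list:
    """Fetch all matching users, either in one search or page by page."""
    if not use_paging:
        return server_search(base, search_filter, size_limit)[0]
    results, cookie = [], 0
    while cookie is not None:
        page, cookie = server_search(base, search_filter, size_limit, page_size, cookie)
        results.extend(page)
    return results
```

With the wildcard filter the unpaged bootstrap fails against the simulated limit, while the paged one returns all five entries and the default orclAdUser filter leaves out the service account.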