Integrity Lifecycle Manager Agent provides support for the password expiry feature of the LDAP v3 security realm. The only LDAP servers that support this functionality are Sun One/iPlanet/Netscape Directory Servers.

| Property | Description |
| --- | --- |
| ldap.host | Host name (or IP address) of LDAP server. |
| ldap.port | LDAP server port to connect to. By default, server.port is 389 for connections using clear protocol and 636 for connections using private protocol. |
| ldap.principal | Distinguished Name (DN) of user/principal used to connect to LDAP server. Principal should be an unprivileged user (that is, principal should have read-only access). |
| ldap.credential | Password of above user/principal. |

| Property | Description |
| --- | --- |
| ldap.user.dn | One or more base Distinguished Names (DN) for searching users. |
| ldap.user.filter | LDAP search filters to match user entries (where %u is substituted for user). |
| ldap.user.scope | Range for searching users. Allowed values are subtree, one-level, or base. By default, ldap.user.scope=subtree. |
| ldap.user.name | Name or user ID of user. |
| ldap.user.displayname | Full name for user. Specifying this property turns on full name. |
| ldap.user.e-mail | E-mail address for user. Property not defined for RFC 2307 realms. |
| ldap.user.objectclass | Object class value that indicates object is user. |

| Property | Description |
| --- | --- |
| ldap.member.dn | One or more base Distinguished Names for searching group members (where %M is substituted with value of member name/DN for group). |
| ldap.member.filter | Filter to resolve member (where %M is substituted with value of member name/DN for group). |
| ldap.member.scope | Range for searching members. Allowed values are subtree, one-level, or base. |

| Property | Description |
| --- | --- |
| ldap.ou.objectclass | Object class name for organizational unit. |
| ldap.ou.name | Display name for organizational unit. |
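
The %u placeholder in ldap.user.filter and the %M placeholder in ldap.member.filter place a user or member name inside an LDAP search filter, so filter metacharacters in that name must be escaped per RFC 4515 before substitution. The sketch below is an added example, not Integrity Lifecycle Manager code: the function names, filter templates, and sample names are hypothetical and constructed for illustration.

```python
# Added illustration: expanding a %u / %M filter template with RFC 4515 escaping.
# The template strings and sample names below are constructed, not product defaults.

# RFC 4515 section 3: these characters must be written as \XX inside a filter value.
_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template: str, placeholder: str, value: str) -> str:
    """Replace a placeholder (%u or %M) in a filter template with the escaped value."""
    if placeholder not in template:
        raise ValueError(f"template has no {placeholder} placeholder")
    return template.replace(placeholder, escape_filter_value(value))


def user_filter(template: str, username: str) -> str:
    """Expand a user filter template of the kind set in ldap.user.filter."""
    return expand_filter(template, "%u", username)


def member_filter(template: str, member: str) -> str:
    """Expand a member filter template of the kind set in ldap.member.filter."""
    return expand_filter(template, "%M", member)


if __name__ == "__main__":
    tmpl = "(&(objectclass=person)(uid=%u))"  # constructed sample template
    print(user_filter(tmpl, "jsmith"))
    # Filter metacharacters in the name stay literal instead of altering the filter.
    print(user_filter(tmpl, "*)(uid=*"))
    # A member DN containing parentheses and a backslash is matched as plain text.
    print(member_filter("(member=%M)", "cn=Smith\\, J (ops),ou=people,dc=example,dc=com"))
```

Escaping keeps the search limited to the entry the filter was written to match, whatever characters the supplied name contains.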