Configuring the adapter consists of specifying connection and authentication information for each of the connections you want to establish.
In order to connect to LDAP, the adapter requires connection information. You supply this information using the SET CONNECTION_ATTRIBUTES command. You can:
You can configure the adapter from either the Web Console or the Data Management Console.
or
From the Data Management Console, expand the Adapters folder.
The Adapters folder opens.
The Add Adapter to Configuration pane opens.
The LDAP adapter is under the DBMS group folder.
The following list describes the connection attributes for which you can supply values. To complete the attribute declaration, click the Configure button.
Logical name used to identify this particular set of connection attributes. The default is CON01.
Name of the LDAP vendor: Sun, IBM, Novell, Microsoft.
Address of the host machine on which the LDAP server is located.
The LDAP server uses two different ports: one for regular connections (the default is 389) and one for SSL connections (the default is 636).
To connect to LDAP through the SSL connection (secure connection), enter an LDAP port that is specifically configured by LDAP to accept SSL connections.
There are two authentication methods when connecting to an LDAP server:
User Distinguished Name, the unique identifier for an object in the LDAP Directory utilized as the primary authorization ID.
Password associated with the primary authorization ID.
This option applies only if ldap_secure_connection has been set to use a Secure Socket Layer (SSL) session with the LDAP server.
Enter the name of the LDAP attribute used by the API to establish the SSL/TLS connection. The API can be one of the following:
Specifies the file name (including path) of the Trusted Root Certificate that the LDAP server provides for authentication.
Specifies the path to cert7.db (Netscape certificate database excluding the file name) that the LDAP server provides for authentication.
Specifies the file name (including path) of the ldapkey.kdb (IBM key database file) that the LDAP server provides for authentication. (Note that the ldapkey.sth password stash file must be in the same directory.)
For Novell only, in the ldap_ssl_certificate_encoding field select the standard used to encode the certificate from the drop-down list. The options are:
B64
DER
Note that encryption and file format depend on API vendor specifications.
Select a profile from the drop-down menu to indicate the level of profile in which to store the CONNECTION_ATTRIBUTES command. The global profile, edasprof.prf, is the default.
If you wish to create a new profile, either a user profile (user.prf) or a group profile if available on your platform (using the appropriate naming convention), choose New Profile from the drop-down menu and enter a name in the Profile Name field (the extension is added automatically).
Store the connection attributes in the server profile (edasprof).
ENGINE X500IN SET CONNECTION_ATTRIBUTES conn_name ldap_server_url/ ['user_dn'[,password]]:'PORT ldap_server_port_number [SSLCERT ssl_certificate SSLCERTENC ssl_certificate_encoding]'
where:
X500IN
Is the suffix for the Adapter for LDAP.
conn_name
Is a logical name used to identify this particular set of attributes.
ldap_server_url
Is the address of the host machine on which the LDAP server is located.
user_dn
Is the User Distinguished Name, a unique identifier for an object in the LDAP Directory utilized as the primary authorization ID.
password
Is the password associated with the primary authorization ID.
ldap_server_port_number
Is the LDAP server port number. (The SSL port should be used for the secure connection.)
ssl_certificate
Is the location of the SSL certificate file.
ssl_certificate_encoding
Is the SSL certificate file encoding.
Note: UDNBASE and UDNATTRIBUTE are required for Explicit security. Otherwise, they are ignored.
ENGINE X500IN SET CONNECTION_ATTRIBUTES CON02 edasol29/ 'uid=pgmavv,ou=iway,dc=ibi,dc=com',CD25FFDBB91B6790:'PORT 389'
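The sample declaration above binds with a user DN and password on port 389, the default port for regular (non-SSL) connections. The following added example, which is not part of the product or its documentation, parses SET CONNECTION_ATTRIBUTES lines in the syntax shown and flags such settings. The function names, finding labels, and the CON03 and CON04 lines are constructed for illustration, and the port check keys only on the default 389, since a site may assign other port numbers.

```python
import re

# Pattern follows the syntax shown above:
# conn_name ldap_server_url/ ['user_dn'[,password]]:'PORT n [SSLCERT f SSLCERTENC e]'
STMT = re.compile(
    r"ENGINE\s+X500IN\s+SET\s+CONNECTION_ATTRIBUTES\s+"
    r"(?P<conn>\S+)\s+(?P<host>[^/\s]+)/\s*"
    r"(?:'(?P<dn>[^']*)'(?:,(?P<pw>[^:\s]*))?)?\s*:\s*'(?P<opts>[^']*)'",
    re.IGNORECASE,
)

# CON02 is the example line from the page; CON03 and CON04 are constructed.
SAMPLE_PROFILE = """\
ENGINE X500IN SET CONNECTION_ATTRIBUTES CON02 edasol29/ 'uid=pgmavv,ou=iway,dc=ibi,dc=com',CD25FFDBB91B6790:'PORT 389'
ENGINE X500IN SET CONNECTION_ATTRIBUTES CON03 ldap.example.test/ 'uid=svc,dc=example,dc=test',0000000000000000:'PORT 636 SSLCERT /opt/certs/rootca.b64 SSLCERTENC B64'
ENGINE X500IN SET CONNECTION_ATTRIBUTES CON04 ldap.example.test/ :'PORT 389 SSLCERT /opt/certs/rootca.pem SSLCERTENC PEM'
"""

def parse_connections(profile_text):
    """Return one dict per CONNECTION_ATTRIBUTES declaration found."""
    conns = []
    for m in STMT.finditer(profile_text):
        words = m.group("opts").split()  # keyword/value pairs, no spaces in values
        opts = {k.upper(): v for k, v in zip(words[0::2], words[1::2])}
        conns.append({
            "name": m.group("conn"),
            "host": m.group("host"),
            "user_dn": m.group("dn"),  # None when no DN is declared
            "port": int(opts.get("PORT", 389)),
            "sslcert": opts.get("SSLCERT"),
            "sslcertenc": opts.get("SSLCERTENC"),
        })
    return conns

def audit(profile_text):
    """Return (conn_name, finding) pairs for settings worth reviewing."""
    findings = []
    for c in parse_connections(profile_text):
        if c["port"] == 389 and c["user_dn"]:
            findings.append((c["name"], "credentials-on-non-ssl-port"))
        if c["port"] == 389 and c["sslcert"]:
            findings.append((c["name"], "sslcert-with-non-ssl-port"))
        if c["sslcertenc"] and c["sslcertenc"].upper() not in ("B64", "DER"):
            findings.append((c["name"], "unknown-certificate-encoding"))
    return findings

if __name__ == "__main__":
    for name, issue in audit(SAMPLE_PROFILE):
        print(f"{name}: {issue}")
```

To review a real server, pass the text of edasprof.prf or a user or group profile to audit().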