The default mldap_esm security manager settings are designed for the simple LDAP configuration using AD LDS and the Micro Focus user class. Before the mldap_esm security manager can update the information in an LDAP server, you need to set a number of configuration options.
[LDAP]
base=DN-suffix
user class=user class
user container=user-container
group container=group-container
resource container=resource-container
DN-suffix | The common part of the DN for your user container, MSS group container, and MSS resource rules container. For example, if your users are in CN=users,DC=somecorp,DC=com, and your MSS containers are in CN=MF,DC=somecorp,DC=com, you could set base to DC=somecorp,DC=com. |
user class | The LDAP object class used for your users. The following options are available:
|
user-container | The DN of the container for user objects, without the "base" suffix, for example: CN=users |
group-container | The DN of the container for MSS user group objects, without the "base" suffix, for example: CN=Enterprise Server Groups,CN=MF |
resource-container | The DN of the container for resource access class containers (which in turn hold resource access definition objects), without the "base" suffix, for example CN=Enterprise Server Resources,CN=MF |