To Edit a Security Manager's Properties

Once you have added a security manager to the pool, you can edit its properties.

  1. On the menu at the left side of the Enterprise Server Administration Web page, under Configure , click Security .
  2. Click the Security Managers tab, and in the list, select the security manager to edit.
  3. Click Edit.
  4. Specify the details of the security manager.
    Name

    Specify the name used to identify the security manager.

    Module

    Specify the module used to access an external security manager or to implement the security rules. If you specify it with a relative path (which includes no path) it is relative to $COBDIR/etc .

    Connection Path

    If the module requires a connection string that tells it how to connect to the external security manager, specify it here.

    The information supplied in the string and its format depend on the module that you are using. For details, please see the documentation supplied with the module.

    Authorized ID and Password

    If the module requires credentials to connect to the external security manager, specify them here.

    As with the connection path, the content and format of these fields depend on the module that you are using. For details, please see the documentation supplied with the module.

    Enabled

    Check this to enable this security manager. If it is disabled, it will be ignored by Directory Server and those enterprise servers that reference it.

    Cache limit
    If the module has a configurable cache for holding responses from the security manager, enter its maximum size in kilobytes here.

    Most ESM Modules ignore this parameter. It is supported by the MLDAP ESM Module.

    Cache TTL
    If the module has a configurable cache for holding responses from the security manager, enter the maximum time in seconds that an entry in the cache can be used to satisfy requests before the details must be requeried from the security manager.

    Most ESM Modules ignore this parameter. It is supported by the MLDAP ESM Module.

    Note: Enterprise Server and Directory Server also have their own configurable caches for security information. These are checked before submitting queries to the security manager module.
    Description

    Specify a description of the security manager.

    Configuration information

    Specify any additional configuration settings that the module requires.

    Properties

    Click this to access pages for the management of users, groups and resources controlled by this security manager.

    Important: You will only be able to manage users, groups and resources where the security manager is on the priority list used by Directory Server. That is:
    • if Directory Server uses the Default ES Security configuration, the security manager must be on the Default ES Security manager list
    • if Directory Server uses its own configuration options, the security manager must be on the Directory Server's own security manager list

    In addition, the ESM module and the external security manager to which it connects must also support user, group and resource administration via the Security Facility.

  5. Click OK to save the changes and return to the Security Managers screen. Alternatively, click Apply to save the changes and remain on the current screen.