To use the ES security information in LDAP, you will need to configure ES security:
- Create one or more Security Managers to connect to your LDAP server. You need to set various attributes for these managers:
  - The module name to mldap_esm
  - The connection path to ldap://servername (or ldaps://servername to use an SSL-secured connection, if your LDAP client and server support SSL)
  - The authorized ID and password to the name (usually a DN) and password of an account that has at least read permission for the ES objects in the directory
  - In the Configuration Information area, you will probably need to add a number of directives to alter the default behavior, for container DNs, user class, and so forth. For example, when using Windows users for ES, a typical configuration would be:

      [LDAP]
      base=domain-DN
      user container=CN=users
      group container=CN=Enterprise Server User Groups,CN=Micro Focus,CN=Program Data
      resource container=CN=Enterprise Server Resources,CN=Micro Focus,CN=Program Data
      user class=user
      [Verify]
      mode=bind
      password type=AD

- Alter the security configuration for MF Directory Server, ES Default Security, and/or specific ES servers to use your new Security Manager
See the product documentation for more information. (In particular, see the documentation for the MLDAP ESM Module for information on configuring the module to match your AD setup.)
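
A pre-flight review of a Security Manager definition before it is saved, as an added example (not Micro Focus code). The `review` function and the sample base DN are hypothetical, and it assumes that container values are relative to `base`, that connections use simple binds, and that `mode=bind` verifies a user by binding with that user's password.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample: the directives from the example above, with a made-up base DN.
SAMPLE = """\
[LDAP]
base=DC=example,DC=test
user container=CN=users
group container=CN=Enterprise Server User Groups,CN=Micro Focus,CN=Program Data
resource container=CN=Enterprise Server Resources,CN=Micro Focus,CN=Program Data
user class=user
[Verify]
mode=bind
password type=AD
"""

def review(connection_path, config_text):
    """Return (findings, container_dns) for a Security Manager definition."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(config_text)
    findings, dns = [], {}
    scheme = urlparse(connection_path).scheme.lower()
    if scheme not in ("ldap", "ldaps"):
        findings.append("connection path is not an ldap:// or ldaps:// URL")
    elif scheme == "ldap":
        findings.append("ldap:// is not SSL-secured: a simple bind exposes "
                        "the authorized ID's password on the network")
        # Assumption: mode=bind verifies users by binding with their password.
        if cfg.get("Verify", "mode", fallback="").strip().lower() == "bind":
            findings.append("mode=bind over ldap://: user passwords are "
                            "presented on the same unprotected connection")
    base = cfg.get("LDAP", "base", fallback="").strip()
    if not base or base == "domain-DN":
        findings.append("[LDAP] base is missing or still the domain-DN placeholder")
    else:
        for key in ("user container", "group container", "resource container"):
            rel = cfg.get("LDAP", key, fallback="").strip()
            if rel:
                # Assumption: container directives are relative to base.
                dns[key] = f"{rel},{base}"
    return findings, dns

if __name__ == "__main__":
    for path in ("ldaps://servername", "ldap://servername"):
        print(path, review(path, SAMPLE))
```

The composed container DNs are the entries the authorized ID needs read permission on, so they are the ones to test that account against.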