To Add an OpenLDAP Security Manager

Before you can use an OpenLDAP security manager, you must install the Micro Focus schema extensions and application containers on the OpenLDAP repository that you intend to use. For more information, see Manual steps for installing Micro Focus schema extensions and application containers under OpenLDAP.

Note:

Micro Focus has developed and tested under the latest version of OpenLDAP Server available from OpenLDAP.org. Later revisions of OpenLDAP Server should be compatible with Micro Focus Enterprise Server Security Manager and Configuration Repository but are not guaranteed. Micro Focus will review any issues found in later releases of OpenLDAP Server but cannot guarantee compatibility.

The Enterprise Server External Security Facility connects to external LDAP servers through the MLDAP ESM module. To configure this:

Add a security manager to the security manager pool as described by To add a security manager to the pool and specify the following details:
- Name - This is the name (for example, you might call it Local OpenLDAP) that you will use to refer to the security manager when adding it to particular security manager lists.
- Module - Enter mldap_esm.
- Connection Path - Enter the address for your LDAP server (e.g. localhost:389).
- Authorized ID and Password - These refer to the credentials that the MLDAP ESM module will use to connect to and, if you are using the MF Directory Server screens for managing users and resources, write any necessary information to the LDAP server. For example, with a default installation, the authorized ID will be cn=Manager,dc=my-domain,dc=com and the password will be secret.
- Description - Local OpenLDAP Security Manager connection
- Configuration Information - This will be as follows:
```
[LDAP]
Base=cn=Micro Focus,DC=my-domain,dc=com
user container=CN=Enterprise Server Users
group container=CN=Enterprise Server User Groups
resource container=CN=Enterprise Server Resources
```
Make sure that the Enabled option is checked. If it is not, the security manager will not be used by any security manager list to which it is added.
You can now add the security manager to the relevant security manager list. For details, see To add a security manager to an enterprise server's security manager list, To add a security manager to the Directory server's security manager list and To add a Security Manager to the Default ES Security Manager List.