|
|
|
Before you reference an external LDAP directory, gather the following configuration information:
|
Required information |
Value |
Comments |
|---|---|---|
|
Type |
|
Note the type of directory you are using. CA Enterprise Log Manager supports several different directories including Microsoft Active Directory, and Sun ONE Directory. Refer to the user interface for a complete list of supported directories. |
|
Host |
|
Record the host name of the server for the external user store or directory. |
|
Port |
|
Record the port number on which the external user store or directory server listens. Port 389 is the well-known port for LDAP (Lightweight Directory Access Protocol). If your registry server does not use port 389, record the correct port number. |
|
Base DN |
|
Record the LDAP distinguished name (DN) that is used as the base. The DN is a unique identifier for an entry in an LDAP directory tree structure. No spaces are allowed in the Base DN. Only global users and groups discovered underneath this DN are mapped and can be assigned a CA Enterprise Log Manager application group or role. |
|
Password |
|
Enter and confirm the password for the user listed in the User DN row. |
|
User DN |
|
Enter the valid user credentials for any valid user in the user registry whose user record is searchable. Enter the complete distinguished name (DN) of the user. You can log in with any user ID that has an administrative role. The User DN and associated password are the credentials used to attach to the external directory host. |
|
Use Transport Layer Security (TLS) |
|
Specifies whether your user store is to use the TSL framework to protect plain text transmissions. When selected, TLS is used when making the LDAP connection to the external directory. |
|
Include Unmapped Attributes |
|
Specifies whether to include fields that are not synchronized from the LDAP directory. External attributes that are not mapped can be used for searching and as filters. |
|
Cache Global Users |
|
Specifies whether to store global users in memory for quick access. Selection allows for faster lookups at the cost of scalability. For a small test environment, selection is recommended. |
|
Cache Update Time |
|
If you selected to cache Global Users, specify the frequency, in minutes, for updating the cached global groups and users to include new and changed records. |
|
Retrieve Exchange Groups as Global User Groups |
|
If the type of external directory is Microsoft Active Directory, this option specifies that you want to create global groups from Microsoft Exchange group information. If selected, you can write policies against members of distribution lists. |
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |