Administer Operator Categories and Custom Operator Groups › Configuring Operator Categories › Configure Directory Services Defaults

Configure Directory Services Defaults

You can configure Directory Services. The Directory Services operator category provides an interface to support LDAP/AD.

Follow these steps:

1. Click the Configuration tab, select Domain, and click Lock.
2. Click the Modules tab, right-click Directory Services, and select Edit.
3. Specify a batch size default for returning operation results to help the server optimize performance and usage of resources. Either select a value from 1 through 1000 or enter 0 to let the server determine the batch size.
4. Select a value for the maximum number of objects to return when executing the Get Object or Get User operators.
5. Specify the following factory class names:
   1. Accept the default, com.sun.jndi.ldap.LdapCtxFactory, as the fully qualified class name of the factory class that creates an initial context.
   2. Enter a colon-separated list of fully qualified state factory class names that can get the state of a specified object. Leave this field blank to use the default state factory classes.
   3. Enter a colon-separated list of the fully qualified class names of factory classes that create an object from information about the object. Leave this field blank to use the default object factory classes.
6. Enter a colon-separated list of language tags, where tags are defined in RFC 1766. Leave blank to let the LDAP server determine the language preference.
7. Select one of the following values to specify how the LDAP server handles referrals.

   Ignore

   Ignore the referrals.

   Follow

   Follow the referrals.

   Throw

   Return the first referral that the server encounters and stop the search.

8. Specify the authentication mechanism for the LDAP server to use with one of the following entries:

   None

   Use no authentication (anonymous).

   Simple

   Use weak authentication (clear-text password). Select this option when you set Security Protocol to SSL.

   Space-separated SASL mechanism list

   Let LDAP support any type of authentication agreed upon by the LDAP client and server.

9. Indicate the security protocol in one of the following ways:
   • Enter ssl to specify the protocol that permits LDAP server connections through a secure socket.

     Important! If connecting to Active Directory (AD), type ssl in lowercase. AD rejects the value SSL.

   • Leave blank to use basic connectivity.
10. Select a value to indicate the connection timeout value in seconds or enter 0 (zero) for no timeout.
11. Enter the location of the default LDAP Server and the default login credentials.
    1. Enter the host name or IP address.
    2. Enter the default port for the LDAP Server. Consider the following ports:
       • 389 - The ldap port for Lightweight Directory Access Protocol (LDAP).
       • 636 - The ldaps port for the ldap protocol over TLS/SSL.
    3. Enter the User ID of the default LDAP User. Operators can use this default or can override it.
    4. Enter the default Password for LDAP User. Operators can use this default or can override it.
12. Enter the default base distinguished name (DN). Operators can use this default or can override it.
13. Enter either uid or cn as the default user prefix.
14. Click Save and Close.
15. Click Save.
16. Select Domain and click Unlock.

More information:

Override Settings Inherited by a Category of Operators

Category Configuration and Operator Inheritance

About Directory Services

Configuring Operator Categories