Configuration GuidesPolicy Server Configuration GuideUser DirectoriesHow to Configure an Active Directory Global Catalog User Directory Connection › Configure Active Directory Global Catalog Directory Connections

Previous Topic: Ping the User Store System

Next Topic: How to Configure an Oracle Internet Directory User Directory Connection
Configure Active Directory Global Catalog Directory Connections

You can configure a user directory connection that lets the Policy Server communicate with an Active Directory Global Catalog user store.

The Policy Server user store supports the Global Catalog Support feature in Active Directory. However, SOA Security Manager features that require writing to Active Directory, such as Password Services, are not supported, because Global Catalog does not support writes to Active Directory.

To configure the user directory connection

  1. Click Infrastructure, Directory.
  2. Click User Directory, Create User Directory.

    The Create User Directory pane opens.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

  3. Select LDAP from the Namespace list.

    LDAP settings open.

  4. Complete the remaining required connection information on the General and Directory Setup group boxes.

    Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.

  5. Type the LDAP Search and LDAP User DN Lookup settings in the fields on the LDAP Settings group box.
  6. (Optional) Click Configure to configure load balancing and failover.

    Note: More information about load balancing and failover, see LDAP Load Balancing and Failover.

  7. (Optional) Select Require Credentials on the Administrator Credentials group box, and type the user name and password of an administrator's account on the user directory in the fields on the group box.
  8. (Optional) Specify the user directory profile attributes that are reserved for SOA Security Manager's use in the fields on the User Attributes group box.
  9. (Optional) Click Create on the Attribute Mapping List group box.

    The Create Attribute Mapping pane opens.

  10. Click Submit.

    The Create User Directory task is submitted for processing.

More information:

Define an Attribute Mapping

How to Configure an LDAP User Directory Connection over SSL