

How to Configure an Active Directory Global Catalog User Directory Connection

You can use an Active Directory Global Catalog as a user store. The following process lists the steps for creating the user store connection to the Policy Server:

  1. Ping the User Store System
  2. Configure the Active Directory Global Catalog Connection

Ping the User Store System

Before you configure the connection, ping your user store system to verify that a network connection exists between the Policy Server and the user directory or database.

Note: Some user store systems may require the Policy Server to present credentials.

Configure Active Directory Global Catalog Directory Connections

You can configure a user directory connection that lets the Policy Server communicate with an Active Directory Global Catalog user store.

The Policy Server user store supports the Global Catalog Support feature in Active Directory. However, features that require writing to Active Directory, such as Password Services, are not supported, because Global Catalog does not support writes to Active Directory.

Follow these steps:

  1. Click Infrastructure, Directory.
  2. Select User Directories.
  3. Click Create User Directory.
  4. Complete the required connection information in the General and Directory Setup areas.
  5. Configure the LDAP search and LDAP user DN lookup settings in the LDAP Settings area.
  6. (Optional) Click Configure to configure load balancing and failover.

    Note: For more information about load balancing and failover, see LDAP Load Balancing and Failover.

  7. (Optional) Do the following in the Administrator Credentials area:
    1. Select the Require Credentials option.
    2. Enter the credentials of an administrator account.
  8. (Optional) Specify the user directory profile attributes that are reserved for CA SiteMinder® use in the User Attributes area.
  9. (Optional) Click Create in the Attribute Mapping List area to configure user attribute mapping.
  10. Click Submit.

    The user directory connection is created.

More information:

Define an Attribute Mapping