Previous Topic: Disable LDAP Referrals

Next Topic: Idle Timeouts and Stateful Inspection Devices

Handle LDAP Referrals on Bind Operations

To configure LDAP referrals on bind operations for Policy Servers on Windows

  1. From the Windows Start menu, select Run.
  2. Enter regedit in the Run dialog box and click OK.
  3. In the Registry Editor, navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\
    CurrentVersion\Ds\LDAPProvider
    
  4. Modify the following registry value:

    Note: The value is shown in hexadecimal notation.

    "ChaseReferralsOnBind"=dword:00000001
    

    Determines if LDAP referrals on a bind operation should be chased. Most LDAP directory servers handle LDAP referrals on binds. If your directory server handles referrals on binds, ChaseReferralsOnBind has no effect. However, if your directory does not, this setting allows the Policy Server to handle bind referrals.

    If your server does handle referrals on bind operations you can change this setting to 0, disabling the Policy Server's ability to handle bind referrals.

    Referral chasing on binds is enabled by default. This setting may only be modified by editing the Registry.

  5. Restart the Policy Server.

To configure LDAP referrals on bind operations for a Policy Server on Solaris

  1. Navigate to:
    install_dir/siteminder/registry
    
  2. Open sm.registry in a text editor.
  3. Locate the following text in the file:
    HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\
    CurrentVersion\Ds\LDAPProvider
    
  4. Locate the line that follows the line from step 3 and begins with:
    ChaseReferralsOnBind
    
  5. Modify the value that comes just before the semicolon as follows.

    Note: The value must be converted to hexadecimal notation.

    Determines if LDAP referrals on a bind operation should be chased. Most LDAP directory servers handle LDAP referrals on binds. If your directory server handles referrals on binds, ChaseReferralsOnBind has no effect. However, if your directory does not, this setting allows the Policy Server to handle bind referrals.

    If your server does handle referrals on bind operations you can change this setting to 0, disabling the Policy Server's ability to handle bind referrals.

  6. Restart the Policy Server.


Copyright © 2010 CA. All rights reserved. Email CA about this topic