LDAPSearchFilter

Configuration for searching the user registry to find user information for authentication purposes.



Attributes Summary
userFilter : StringAn LDAP filter clause for searching the registry for users.
groupFilter : StringAn LDAP filter clause for searching the registry for groups.
userIdMap : StringAn LDAP filter that maps the short name of a user to an LDAP entry.
groupIdMap : StringAn LDAP filter that maps the short name of a group to an LDAP entry.
groupMemberIdMap : StringAn LDAP filter that identifies User to Groups memberships.
certificateMapMode : CertificateMapModeWhether to map X.
certificateFilter : StringIf you specified the Filter Certificate mapping, this property specifies the certificate property against which to check certificate validity.

Attribute Details

userFilter    -    An LDAP filter clause for searching the registry for users. It is typically used for Security Role to User assignment. It specifies the property by which to look up users in the directory service. For example, to look up users based on their user IDs, specify (ampersand(uid=%v)(objectclass=inetOrgPerson) where ampersand is the ampersand symbol. For more information about this syntax, see the LDAP directory service documentation.
     data type:  String
     default Value:   unspecified



groupFilter    -    An LDAP filter clause for searching the registry for groups. It is typically used for Security Role to Group assignment. It specifies the property by which to look up groups in the directory service. For more information about this syntax, see the LDAP directory service documentation.
     data type:  String
     default Value:   unspecified



userIdMap    -    An LDAP filter that maps the short name of a user to an LDAP entry. Specifies the piece of information that should represent users when users are displayed. For example, to display entries of the type object class = inetOrgPerson by their IDs, specify inetOrgPerson:uid. This field takes multiple objectclass:property pairs delimited by a semicolon (";").
     data type:  String
     default Value:   unspecified



groupIdMap    -    An LDAP filter that maps the short name of a group to an LDAP entry. Specifies the piece of information that should represent groups when groups are displayed. For example, to display groups by their names, specify *:cn. The * is a wildcard character that searches on any object class in this case. This field takes multiple objectclass:property pairs delimited by a semicolon (";").
     data type:  String
     default Value:   unspecified



groupMemberIdMap    -    An LDAP filter that identifies User to Groups memberships. Specifies which property of an objectclass stores the list of members belonging to the group represented by the objectclass. This field takes multiple objectclass:property pairs delimited by a semicolon (";"). For more information about this syntax, see the LDAP directory service documentation.
     data type:  String
     default Value:   unspecified



certificateMapMode    -    Whether to map X.509 Certificates into an LDAP directory by EXACT_DN or CERTIFICATE_FILTER. Specify CERTIFICATE_FILTER to use the specified Certificate Filter for the mapping.
     data type: CertificateMapMode
     default Value:   unspecified
     Allowed Values:  EXACT_DN   CERTIFICATE_FILTER  



certificateFilter    -    If you specified the Filter Certificate mapping, this property specifies the certificate property against which to check certificate validity.
     data type:  String
     default Value:   unspecified


Copyright IBM Corp. 1997-2004