6.1.3 Configuring an LDAP Security Provider
The LDAP security provider is useful when your users, groups, and roles are already defined in an LDAP environment such as Active Directory, Sun ONE (iPlanet), or any generic LDAP implementation. You can use the LDAP server for either authentication or authorization, although LDAP is not generally recommended for authorization.
LDAP is recommended for authentication but not for authorization because authorization requires modification of the LDAP schema.
To use the LDAP security provider for authentication (i.e., verifying user credentials), select the 'LDAP' option from the 'Authentication' menu on the 'Security Provider' page. (See Specifying a Security Provider.) All user, group, and role information is retrieved from the LDAP server and cannot be created or configured in Enterprise Manager. To configure the LDAP connection, see Defining the LDAP Schema.
To use the LDAP security provider for authorization (i.e., assigning permissions and access), select the 'LDAP' option from the 'Authorization' menu on the 'Security Provider' page. (See Specifying a Security Provider.) Authentication information is then stored and accessed from the LDAP server (with modification of the LDAP schema). See Writing to the Active Directory Schema for information on making the Active Directory schema writable.
See Also
Selecting a Security Provider, in Integration, for information on choosing a security configuration.
| << 6.1.2 Configuring the Default Security Provider | © 1996-2013 InetSoft Technology Corporation (v11.4) | Defining the LDAP Schema >> |