Defining the LDAP Schema
The structure of the LDAP schema must be defined in the Enterprise Manager. To add schema information, follow the steps below:
1. Select the Server tab, and then select the 'Server' > 'Security' option to open the 'Security Provider' page.
LDAP is recommended for authentication but not for authorization because authorization requires modification of the LDAP schema.
2. Select the 'LDAP Security Provider' option for 'Authentication' or 'Authorization', as desired.
3. If you use a back-up LDAP server to provide security in the event of a primary server failure, check 'Enable Backup Server'.
4. Select 'Main server' from the 'Enable Backup Server' menu.
5. Choose the appropriate LDAP server implementation from the 'LDAP Server' menu. Make sure the main LDAP server is correctly installed and configured, and supply the necessary connection information. See Sun ONE (iPlanet) Server, Active Directory Server, and Generic LDAP Server for more details.
6. Select 'Backup server' from the 'Enable Backup Server' menu.
7. Choose the appropriate LDAP server implementation from the 'LDAP Server' menu. Make sure the backup LDAP server is correctly installed and configured, and supply the necessary connection information. See Sun ONE (iPlanet) Server, Active Directory Server, and Generic LDAP Server for more details.
8. Press 'Apply' to save the settings.
9. Press the 'Test Connection' button to test the connection to the LDAP database. When the connection has been verified, the 'Test Administrator Login' dialog box is displayed.

10. (Optional) Enter the administrator login credentials for the LDAP server, and press 'Test'. When you have confirmed a successful login, press the close button (X) to dismiss the dialog box.
Once the directory server environment is configured, you can assign permissions to users/groups/roles for different components and functions. (See Setting Permissions for more information.)
Notes on LDAP Security Providers
• Since directory servers do not currently support roles fully, groups in the LDAP schema are mapped to roles in Style Intelligence.
• If the administrator password on the LDAP server is changed, you will not be able to log into Enterprise Manager in the usual way. Instead, log into Enterprise Manager by using the administrator's Distinguished Name (DN) together with the new LDAP administrator password. This allows Enterprise Manager to connect to the LDAP server and update the security configuration. You can then log into Enterprise Manager using the usual administrator credentials.
• Enterprise Manager authentication is integrated with Report Server authentication. Therefore, when you enable an LDAP security provider authentication you can no longer log into the EM using the default 'admin/admin' credentials. Instead, you must log in as a user with an 'Administrator' role (group). If there is no role (group) named 'Administrator' in your system, you can set the role by adding the 'role.administrator' property in the sree.properties file, e.g., role.administrator=SRAdmin.
• The performance of any AbstractSecurityProvider security implementation (including LDAP security) can be enhanced by setting 'security.cache=true' in the sree.properties file.
• Security data is cached. To refresh the cache when security data changes, press the 'Clear Security Cache' button on the 'Performance Options' page. See Tailoring Server Performance for more information.
The following sections provide a detailed description of how to set up the different types of LDAP implementation supported by InetSoft products.
| << 6.1.3 Configuring an LDAP Security Provider | © 1996-2013 InetSoft Technology Corporation (v11.5) | Sun ONE (iPlanet) Server >> |