LDAP ParametersThe following list contains Valuemation parameters and values related to setting LDAP connection that are necessary to process the information retrieved from the LDAP correctly. The path is an internal identification of the parameter within mainparameters and helps you group related parameters together. NOTE: The suggested values you pass as parameters apply to Microsoft platform (Windows 2000 Server and higher) and depend on the directory structure of your LDAP server. The parameters that are needed to establish a connection to the LDAP might differ if your company uses another platform for running LDAP. Parameter: authenticationType There are 2 types of authentication to choose from - fullDN and shortCN. Path: de.usu.s3.authentication.JNDIManager Values: fullDN - distinguished name from S3User table is used, full JNDI distinguished name will be stored for each imported user shortCN - authentication string is constructed as concatenation of given "commonName" and value of "folderUsers" main parameter (default setting if the main parameter doesn't exist == backward compatibility) Parameter: provider Name of the LDAP server in the network, for example, ldap://win2000as. Path: de.usu.s3.authentication.JNDIManager Value: ldap://win2000as Parameter: initctx Parameter (Constant) that holds the name of the environment property for specifying the initial context factory to use. The value of the property should be the fully qualified class name of the factory class that will create an initial context. Path: de.usu.s3.authentication.JNDIManager Value: com.sun.jndi.ldap.LdapCtxFactory Parameter: folderRoot The root of the directory structure on the server, for example, DC=bm,DC=usutest,DC=cz. This can also be interpreted as bm.usutest.cz, where each entry stands for a separate domain context level from the lowest to the highest one. Path: de.usu.s3.authentication.JNDIManager Value: DC=bm,DC=usutest,DC=cz Parameter: commonName The identifier of the user object in the directory defined by the parameter folder users (for example, users) on the LDAP. Path: de.usu.s3.authentication.JNDIManager Value: CN Parameter: propertyDelimiter LDAP records separating character. Path: de.usu.s3.authentication.JNDIManager Value: , Parameter: userId Name of the parameter used in vm for the VM user id. Path: de.usu.s3.authentication.JNDIManager Value: cn Parameter: userFirstName The name of the parameter on the LDAP whose value is the first name of a user. Path: de.usu.s3.authentication.JNDIManager Value: givenName Parameter: userLastName The name of the parameter on the LDAP whose value is the last name of a user. Path: de.usu.s3.authentication.JNDIManager Value: sn Parameter: userGroups The name of the parameter on the LDAP whose value is a list of groups which the user belong to. Path: de.usu.s3.authentication.JNDIManager Value: memberOf Parameter: userFilter Filters all entries on the LDAP and returns a collection of all users by the condition, since besides user records, the working folder on the LDAP contains also additional entries irrelevant for the use in Valuemation. Path: de.usu.s3.authentication.JNDIManager Value: ((objectclass=person)(objectclass=user)) Parameter: folderUsers The value represents a specification of the LDAP folder containing user data. However, as it contains items besides users, you need to apply a filter so as to get only the user records (see above). Path: de.usu.s3.authentication.JNDIManager Value: CN=Users,DC=bm,DC=usutest,DC=cz Parameter: groupId The name of the parameter on the LDAP whose value is the identifier of a group record. Path: de.usu.s3.authentication.JNDIManager Value: cn Parameter: groupFilter Filters all entries on the LDAP and returns a collection of all groups by the condition, since the working folder on the LDAP contains also additional entries irrelevant for the use in Valuemation. Path: de.usu.s3.authentication.JNDIManager Value: (objectclass=group) Parameter: externalManager The JAVA class to be used for browsing through the LDAP server. A new class can be easily programmed if your company has a specific server incompatible with the standard used in Valuemation. Path: de.usu.s3.userimport.ImportManager Value: de.usu.s3.authentication.JNDIManager Parameter: externalManagerUsername The username used to connect to the LDAP. This user must have at least read-access rights to the LDAP. Path: de.usu.s3.userimport.ImportManager Value: Administrator Parameter: externalManagerPassword The password used to connect to the LDAP in an encrypted form. To encrypt the password, use the RunCrypto.bat utility in the Valuemation root directory. Path: de.usu.s3.userimport.ImportManager Value: A1233D90C0E9E1A0665E6DBB63024912 Parameter: groupsImport Enables import of groups from LDAP server. Path: de.usu.s3.userimport.ImportManager Values: true/false Parameter: domainsImport Possibility to handle users from different domains. (only for Valuemation 3.5) Path: de.usu.s3.userimport.ImportManager Value: true/false Parameter: customizableReplacements Enables replacements for restricted characters in LDAP user IDs. Can be enabled and edited in Global Settings/Authentication. Path: de.usu.s3.userimport.ImportManager Value: true/false Parameter: ST025694-JNDIauthenticationAutocorrectionOff Optionaly, the autocorrection mechanism can be switched off by adding a mainparameter. If the parameter is set to TRUE, autocorrection is switched-off. If the autocorrection is switched-off, only a user with distinguished name Path: vmcorehotfix Value: true/false | |||||