...
- Create a JNDIDirectoryDataConnector with its id attribute.
- Create a Search element, as a child of JNDIDirectoryDataConnector, with an attribute, filter, whose value it the LDAP search filter to use. The macro %PRINCIPAL% may be used to insert the current principal's name into the search filter.
- Optionally, a Controls element may be added as a child to a Search element with attributes/values of searchScope="SUBTREE_SCOPE" and returningObjects="false" to scope a particular search filter. with any of the following attributes:
Attribute Name
Attribute Value
Usage
searchScope
OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
Scope of the search; particular objeclasses, LDAP URL specified level only, or LDAP URL and its descendants, respectively
returningAttributes
comma seperated list of attribute names
The attributes to be returned from a search. Limiting the number of attribute to only those you need can greatly increase performance
timeLimit
0 - 2^31^-1
number of milliseconds to wait for a search to return, 0 indicates wait forever
countLimit
0 - 2^63^-1
maximum number of results to return in a query
returningObjects
true or false
whether to return only objectclass definitions
linkDereferencing
true or false
whether to dereference LDAP links, not the same thing as LDAP referrals
- Create Property elements, children of the JNIDDirectoryDataConnector element, with attributes name and value containing the following values as appropriate
Name Attribute
Value Attribute
Usage
java.naming.factory.initial
com.sun.jndi.ldap.LdapCtxFactory
The factory used to produce LDAP connections
java.naming.provider.url
ldap://ldap.example.edu/dc=example,dc=edu (example)
The URL of the LDAP server to connect too
java.naming.referral
ignore, follow, throw
Whether to ignore, follow, or throw an exception when an LDAP referral is received
java.naming.security.principal
cn=admin,dc=example,dc=edu (example) I The DN of the user to bind to the directory
java.naming.security.credentials
examplepw
The password for the user binding to the directory
java.naming.security.protocol
ssl
To connect to the LDAP over SSL
com.sun.jndi.ldap.connect.pool
true or false
Whether to pool connections or not. This option is specific to the Sun LDAP connection factory.
com.sun.jndi.ldap.connect.pool.initsize
Number of connections to create when the pool is created. This option is specific to the Sun LDAP connection factory.
com.sun.jndi.ldap.connect.pool.prefsize
Number of connections that should be kept around in the pool. This option is specific to the Sun LDAP connection factory.
com.sun.jndi.ldap.connect.pool.authentication
none simple
The methods used to authentication users. This option is specific to the Sun LDAP connection factory.
com.sun.jndi.ldap.connect.pool.protocol
plain ssl
The protocols available to communicate to the server. This option is specific to the Sun LDAP connection factory.
- Create Property elements, children of the JNIDDirectoryDataConnector element, with attributes name and value containing the following values as appropriate
...