Database Reference
In-Depth Information
Table 8-11. Explanation of LDAP configuration options by category
Configuration
option name
Description
context (LDAP
context
configuration)
This can be either true or false .
eXist itself is case-sensitive for security principals (i.e., usernames and group names), but your LDAP
directory may not be case-sensitive (e.g., Active Directory is not). If your LDAP directory is not case-
sensitive, then you should set this to true to ease interoperability.
principals-
are-case-
insensitive
authentication This can be either none , simple , or strong :
none
No authentication is required before making queries of the LDAP server.
simple
Basic username and password authentication, sent in plain text across the network. This can be
improved by using SSL.
strong
This is unsupported at this time in eXist.
This can be either true or false . It's optional, and defaults to false .
use-ssl
The URL of your LDAP server (e.g., ldap://dir.mydomain.com:389 , or for SSL ldaps://
dir.mydomain.com:636 ). For Active Directory, use the address of one of the domain controllers
or the AD itself.
url
The domain name that your LDAP directory describes (e.g., mydomain.com ).
domain
search (LDAP search
configuration)
The base of the LDAP context to search. Allows you to restrict the scope of searches within your LDAP
directory to a specific distinguished name (e.g., dc=dir,dc=mydomain-ever,dc=com ).
Otherwise, if you wanted to, say, limit the search scope to just the office of engineers within your
directory for your organization, you'd do so with ou=engineers,ou=offi
ces,dc=dir,dc=mydomain,dc=com .
In LDAP parlance, dc stands for domain component and ou for organization unit.
base
The default username, used if eXist needs to attach to the directory to perform a query for a system
task it is carrying out. Typically the username of the user authenticating with eXist will be used
instead of this. This account need only have minimal read access to the directory server.
default-
username
 
Search WWH ::




Custom Search