This discussion is archived
3 Replies Latest reply: Nov 5, 2013 3:56 AM by Sylvain Duloutre RSS

BIND Ids Steps

979487 Newbie
Currently Being Moderated

Hi,

 

I am referring to this link, Oracle Unified Directory - Network Group and trying to setup "allowed-bind-id" field, however it asks for setting up identity mapper. Is there are any document someone could point on setting up this feature? I am not sure on how to configure matching identity mapper for a Network Group.

 

Thanks.

  • 1. Re: BIND Ids Steps
    Sylvain Duloutre Pro
    Currently Being Moderated

    Hi,

     

    allowed-bind-id is useful in case LDAP clients binds using an indentifier string that is *not* a LDAP DN, e,g, foo@bar.

    Are you really in this case ? If you want to configure a network group matching some DNs, you should use the allowed-bind-dn property instead. This option does not require any identity mapper and accepts regular expressions.

     

    -Sylvain

  • 2. Re: BIND Ids Steps
    979487 Newbie
    Currently Being Moderated

    Is it possible to choose any other attribute like location, ou etc as a matching criteria instead of DN?

  • 3. Re: BIND Ids Steps
    Sylvain Duloutre Pro
    Currently Being Moderated

    A connection is assigned to a network group w/o any lookup to the directory, so network group selection must be based on info available in the incoming request (e.g dn). As of now, it is not possible to define a criteria based on the content of the user entry for instance. This might be supported in the future.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points