Siebel Security Guide > Security Adapter Authentication > Process of Implementing LDAP or ADSI Security Adapter Authentication >

Setting Up the LDAP or ADSI Directory

When you implement LDAP or ADSI authentication, users are authenticated through a directory. This topic describes how to setup the directory to do the following:

• Authenticate users through the directory.
• Allows self-registration.
• Uses the Siebel user ID as the username.

NOTE:  For more information about setting up the directory, review Requirements for the LDAP or ADSI Directory.

This task is step inProcess of Implementing LDAP or ADSI Security Adapter Authentication.

The following procedure describes how to setup the LDAP or ADSI directory.

To setup the LDAP or ADSI directory

1. Determine the Base Distinguished Name, that is, the location in the directory in which users will be stored. For details, see the BaseDN parameter description in Siebel Gateway Name Server Parameters.

   You cannot distribute the users of a single Siebel application in more than one base DN. However, you can store multiple Siebel Business Applications' users in one base DN or in substructures such as organization units (OU), which are used for LDAP.

   For this example, users are stored in the People base DN under the domain level for LDAP directories, or in the Users base DN under the domain level for ADSI directories.

2. Define the attributes to use for the following user data. Create new attributes if you do not want to use existing attributes. Suggested attributes to use are as follows:
   • Siebel user ID. Suggested attribute: uid for LDAP, or sAMAccountName for ADSI.
   • Database account. Suggested attribute: dbaccount.
   • Password. Suggested attribute (for LDAP only): userPassword. ADSI does not use an attribute to store a user's password.

Optionally, use other attributes to represent first name, last name, or other user data.