Administration Console Online Help
Active Directory Authentication
Provider-->Users
Tasks Related Topics Attributes
Overview
Use this page to specify how user information is stored in the Active Directory LDAP directory.
Tasks
Configuring an LDAP Authentication Provider
Related Topics
Introduction to WebLogic Security
Managing WebLogic Security
Securing WebLogic Resources
Programmimg WebLogic Security
Developing Security Providers for WebLogic Server
Securing a Production Environment
The Security topics in the WebLogic Server 8.1 Upgrade Guide
Security FAQ
The Security page in the WebLogic Server documentation
Attributes
Table 158-1
|
Attribute Label
|
Description
|
Value Constraints
|
|
User Object Class
|
The LDAP object class that stores users.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: UserObjectClass
|
Default: "person"
|
|
User Name Attribute
|
The attribute of the LDAP User object that specifies the name of the user.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: UserNameAttribute
|
Default: "uid"
|
|
User Dynamic Group DNAttribute
|
The attribute of an LDAP user object that specifies the distinguished names (DNs) of dynamic groups to which this user belongs. If such an attribute does not exist, WebLogic Server determines if a user is a member of a group by evaluating the URLs on the dynamic group. If a group contains other groups, WebLogic Server evaluates the URLs on any of the descendents (indicates parent relationship) of the group.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: UserDynamicGroupDNAttribute
|
|
|
User Base DN
|
The base distinguished name (DN) of the tree in the LDAP directory that contains users.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: UserBaseDN
|
Default: "ou=people, o=example.com"
|
|
User Search Scope
|
Specifies how deep in the LDAP directory tree to search for Users. Valid values are subtree and onelevel.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: UserSearchScope
|
Default: "subtree"
|
|
User From Name Filter
|
An LDAP search filter for finding a user given the name of the user. If the attribute (user name attribute and user object class) is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: UserFromNameFilter
|
Default: "(&(cn=%u)(objectclass=user))"
|
|
All Users Filter
|
An LDAP search filter for finding all users beneath the base user distinguished name (DN). If the attribute (user object class) is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.
MBean: weblogic.security.
providers.authentication.
ActiveDirectoryAuthenticatorMBean
Attribute: AllUsersFilter
|
|
