Administration Console Online Help
Domain-->Security-->Embedded LDAP
Tasks Related Topics Attributes
Overview
The embedded LDAP server contains user, group, group membership, security role, security policy, and credential map information. By default, each WebLogic Server domain has an embedded LDAP server configured with the default values set for each attribute. The WebLogic Authentication, Authorization, Credential Mapping, and Role Mapping providers use the embedded LDAP server as their database. If you use any of these providers in a new security realm, you may want to change the default values for the embedded LDAP server to optimize its use in your environment.
Tasks
Configuring the Embedded LDAP Server
Related Topics
Introduction to WebLogic Security
Managing WebLogic Security
Securing WebLogic Resources
Programmimg WebLogic Security
Developing Security Providers for WebLogic Server
Securing a Production Environment
The Security topics in the WebLogic Server 8.1 Upgrade Guide
Security FAQ
The Security page in the WebLogic Server documentation
Attributes
Attribute Label
|
Description
|
Value Constraints
|
Credential
|
The credential (usually a password) used to connect to the embedded LDAP server. If this password has not been set, WebLogic Server generates a password at startup, initializes the attribute, and saves the configuration to the config.xml file. If you want to connect to the embedded LDAP server using an external LDAP browser and the embedded LDAP administrator account (cn=Admin ), change this attribute from the generated value.
|
Default: null
Configurable: yes
Encrypted: yes
Readable: yes
Writable: yes
|
Backup Hour
|
The hour at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Backup Minute attribute to determine the time at which the embedded LDAP server data files are backed up. At the specified time, WebLogic Server suspends writes to the embedded LDAP server, backs up the data files into a zip files in the ldap/backup directory, and then resumes writes. The default is 23.
|
Minimum: 0
Maximum: 23
Default: 23
Configurable: yes
Readable: yes
Writable: yes
|
Backup Minute
|
The minute at which to backup the embedded LDAP server data files. This attribute is used in conjunction with the Back Up Hour attribute to determine the time at which the embedded LDAP server data files are backed up. The default is 5 minutes.
|
Minimum: 0
Maximum: 59
Default: 05
Configurable: yes
Readable: yes
Writable: yes
|
Backup Copies
|
The number of backup copies of the embedded LDAP server data files. This value limits the number of zip files in the ldap/backup directory. The default is 7.
|
Minimum: 0
Maximum: 65534
Default: 7
Configurable: yes
Readable: yes
Writable: yes
|
Cache Enabled
|
Specifies whether or not a cache is used with the embedded LDAP server. This cache is used when a managed server is reading or writing to the master embedded LDAP server that is running on the Administration server.
|
Default: true
Readable: yes
Writable: yes
|
Cache Size
|
The size of the cache (in K) that is used with the embedded LDAP server. The default is 32K.
|
Minimum: 0
Default: 32
Configurable: yes
Readable: yes
Writable: yes
|
Cache TTL
|
The time-to-live (TTL) of the cache in seconds. The default is 60 seconds.
|
Minimum: 0
Default: 60
Configurable: yes
Readable: yes
Writable: yes
|
Refresh Replica At Startup
|
Specifies whether or not a Managed server should refresh all replicated data at boot time. This attribute is useful if you have made a large number of changes while the Managed server was not active and you want to download the entire replica instead of having the Administration server push each change to the Managed server. The default is false.
|
Default: false
Readable: yes
Writable: yes
|
Master First
|
Specifies that connections to the master LDAP server (running on the Administration server) should always be made instead of connections to the local replicated embedded LDAP server. This causes the Managed server to retrieve security data from the embedded LDAP server in the Administration server instead of going to the local embedded LDAP server that contains a replica of the information in the Administration server.
|
Default: false
Readable: yes
Writable: yes
|