LDAP Searches |
Some LDAP searches may generate LDAP referrals to other servers participating
in your directory. You must be able to ping by hostname all servers in the
directory from the application server. If any server is unreachable by hostname
from the application server, you can add a line for the server to the hosts.
Your directory information tree must have user entries at the leaf level.
This is required when an entry needs to be moved from one branch to another.
The entry needs to be at the leaf level so that the system can read user attributes,
one of which is the password file on the application server.
|
Entry Limit |
In the directory, configure the entry limit value to be larger than
the number of rows that you expect will be returned. The default value is
usually not sufficient.
|
Directory Tree |
Your directory information tree must have user entries at the leaf level.
This is required when an entry needs to be moved from one branch to another.
The entry needs to be at the leaf level so that the system can read user attributes,
one of which is the password.
|
Microsoft Active Directory |
The following items apply to implementations that use Microsoft Active
Directory:
-
The registry key HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Schema
Update Allowed must be present and set to a nonzero DWORD on the Active Directory
FSMO Role Owner.
-
When creating structural object classes in Microsoft Active
Directory, you need to specify containment. PsftJobs can be children of the
following classes of objects only: builtinDomain, organizationalUnit, and
domainDNS.
-
You must add the server names in the Directory Setup component
as they appear on the DNSHost Name attribute on the server entries under the
CN=Sites entry.
|