Security Guide for Siebel Business Applications > Security Adapter Authentication > Setting Up Security Adapter Authentication: A Scenario >

Setting Up the LDAP/ADS Directory

For purposes of testing the security adapter, this test implementation:

  • Authenticates users through the directory.
  • Allows self-registration.
  • Uses the Siebel user ID as the username.

NOTE:  For more information about setting up the directory, review Requirements for LDAP/ADS Directory.

Determine the Base Distinguished Name, a subdirectory in the directory, in which to store users. For details, see the BaseDN parameter description in Siebel Gateway Name Server Parameters.

You cannot distribute the users of a single Siebel application in more than one base DN. However, you can store multiple Siebel Business Applications' users in one base DN or in substructures such as organization units (OU), which are used for LDAP.

For this example, users are stored in the People base DN under the domain level in the sample LDAP directories, or in the Users base DN under the domain level in the sample ADS directory.

Define the attributes to use for the following user data. Create new attributes if you do not want to use existing attributes. For this example, attributes are suggested. Some of the suggested attributes are default attributes in one or more of the supported directories.

  • Siebel user ID. Suggested attribute: uid for LDAP, or sAMAccountName for ADS.
  • Database account. Suggested attribute: dbaccount.
  • Password. Suggested attribute (for LDAP only): userPassword. ADS does not use an attribute to store a user's password.

Optionally, use other attributes to represent first name, last name, or other user data.

Security Guide for Siebel Business Applications